Improve reliability of OCSP client test

Remove custom timeout and add an HTTP 5xx retry

tests/test_ocsp_client.py

@@ -1,15 +1,20 @@
 # coding: utf-8
 from __future__ import unicode_literals, division, absolute_import, print_function
 
-import unittest
 import os
+import sys
+import unittest
 
 from asn1crypto import pem, x509
 from certvalidator import ocsp_client
 from certvalidator.registry import CertificateRegistry
 from certvalidator.context import ValidationContext
 from certvalidator.validate import verify_ocsp_response
 
+if sys.version_info < (3,):
+    from urllib2 import HTTPError  # noqa
+else:
+    from urllib.error import HTTPError  # noqa
 
 tests_root = os.path.dirname(__file__)
 fixtures_dir = os.path.join(tests_root, 'fixtures')
@@ -28,6 +33,13 @@ def test_fetch_ocsp(self):
         path = registry.build_paths(intermediate)[0]
         issuer = path.find_issuer(intermediate)
 
-        ocsp_response = ocsp_client.fetch(intermediate, issuer, timeout=3)
+        try:
+            ocsp_response = ocsp_client.fetch(intermediate, issuer)
+        except (HTTPError) as e:
+            # If we get a 500 error, retry to reduce test failures
+            if e.code < 500 or e.code >= 600:
+                raise
+            ocsp_response = ocsp_client.fetch(intermediate, issuer)
+
         context = ValidationContext(ocsps=[ocsp_response])
         verify_ocsp_response(intermediate, path, context)