Fix zombie connection when TLS handshake fails in HTTP proxy

When using an HTTP proxy to connect to HTTPS servers, if the TLS handshake
fails after CONNECT succeeds, the connection remains in ACTIVE state and never
gets cleaned up, occupying the connection pool forever.

This fix ensures the connection is properly closed when TLS fails, preventing
Pool timeout issues.

Author: baizhufbb

httpcore/_async/http_proxy.py

@@ -312,9 +312,15 @@ async def handle_async_request(self, request: Request) -> Response:
                     "server_hostname": self._remote_origin.host.decode("ascii"),
                     "timeout": timeout,
                 }
-                async with Trace("start_tls", logger, request, kwargs) as trace:
-                    stream = await stream.start_tls(**kwargs)
-                    trace.return_value = stream
+                try:
+                    async with Trace("start_tls", logger, request, kwargs) as trace:
+                        stream = await stream.start_tls(**kwargs)
+                        trace.return_value = stream
+                except Exception:
+                    # Close the underlying connection when TLS handshake fails to avoid
+                    # zombie connections occupying the connection pool
+                    await self._connection.aclose()
+                    raise
 
                 # Determine if we should be using HTTP/1.1 or HTTP/2
                 ssl_object = stream.get_extra_info("ssl_object")