From a25a0e7dafdaf36df5cbb271f673d971f5c7d0a1 Mon Sep 17 00:00:00 2001
From: Daira Hopwood <daira@jacaranda.org>
Date: Sat, 12 Apr 2014 18:11:05 +0100
Subject: [PATCH] OpenSSL version check: 1.0.2-beta and 1.0.2-beta1 are
 vulnerable.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
---
 src/allmydata/__init__.py          | 3 ++-
 src/allmydata/test/test_version.py | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/allmydata/__init__.py b/src/allmydata/__init__.py
index 94ad355c..44081566 100644
--- a/src/allmydata/__init__.py
+++ b/src/allmydata/__init__.py
@@ -422,7 +422,8 @@ def check_openssl_version(SSL):
         if ((numeric_components == [0, 9, 8] and components[2] >= '8y') or
             (numeric_components == [1, 0, 0] and components[2] >= '0l') or
             (numeric_components == [1, 0, 1] and components[2] >= '1g') or
-            (numeric_components >= [1, 0, 2])):
+            (numeric_components == [1, 0, 2] and not components[2].startswith('2-beta')) or
+            (numeric_components >= [1, 0, 3])):
             return
 
         if numeric_components == [1, 0, 1] and components[2] >= '1d':
diff --git a/src/allmydata/test/test_version.py b/src/allmydata/test/test_version.py
index c6ba1087..73df5a71 100644
--- a/src/allmydata/test/test_version.py
+++ b/src/allmydata/test/test_version.py
@@ -142,6 +142,7 @@ class CheckRequirement(unittest.TestCase):
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.1e 7 Abc 2014"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.1e invalid_date"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.1e 7 Apr"))
+        self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.2-beta1"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 0.10"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 0.10.0"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.0"))
@@ -160,6 +161,7 @@ class CheckRequirement(unittest.TestCase):
         check_openssl_version(MockSSL("OpenSSL 1.0.1zzz"))
         check_openssl_version(MockSSL("OpenSSL 1.0.2"))
         check_openssl_version(MockSSL("OpenSSL 1.0.2a"))
+        check_openssl_version(MockSSL("OpenSSL 1.0.3"))
         check_openssl_version(MockSSL("OpenSSL 1.0.10a"))
         check_openssl_version(MockSSL("OpenSSL 1.1"))
         check_openssl_version(MockSSL("OpenSSL 1.1.0"))
-- 
2.45.2