From: Daira Hopwood <daira@jacaranda.org>
Date: Sat, 12 Apr 2014 17:11:05 +0000 (+0100)
Subject: OpenSSL version check: 1.0.2-beta and 1.0.2-beta1 are vulnerable.
X-Git-Url: https://git.rkrishnan.org/frontends/$rel_link?a=commitdiff_plain;h=c4875a5d2781913a74b7bedfad5659f78bcc6a4c;p=tahoe-lafs%2Ftahoe-lafs.git

OpenSSL version check: 1.0.2-beta and 1.0.2-beta1 are vulnerable.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
---

diff --git a/src/allmydata/__init__.py b/src/allmydata/__init__.py
index 9883931d..de2ec26d 100644
--- a/src/allmydata/__init__.py
+++ b/src/allmydata/__init__.py
@@ -436,7 +436,8 @@ def check_openssl_version(SSL):
         if ((numeric_components == [0, 9, 8] and components[2] >= '8y') or
             (numeric_components == [1, 0, 0] and components[2] >= '0l') or
             (numeric_components == [1, 0, 1] and components[2] >= '1g') or
-            (numeric_components >= [1, 0, 2])):
+            (numeric_components == [1, 0, 2] and not components[2].startswith('2-beta')) or
+            (numeric_components >= [1, 0, 3])):
             return
 
         if numeric_components == [1, 0, 1] and components[2] >= '1d':
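Review bot: The new `[1, 0, 2]` clause is a prefix deny-list on `'2-beta'`, so it refuses every 1.0.2 beta (including any later beta that carries the fix), while any other pre-release suffix on 1.0.2, such as a `-dev` snapshot string, is still accepted as safe. Failing closed on all betas is a reasonable choice, but it should be stated in a comment above the clause, e.g. `# 1.0.2-beta and 1.0.2-beta1 are vulnerable; conservatively reject every 1.0.2 beta`. If development snapshots should be refused as well, the test could become `not components[2].startswith(('2-beta', '2-dev'))`. How `components` is built is outside this hunk, so confirm that the suffix is still present in `components[2]` at this point; check_openssl_version starts and ends outside the hunk.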
diff --git a/src/allmydata/test/test_version.py b/src/allmydata/test/test_version.py
index 58a58518..8628f281 100644
--- a/src/allmydata/test/test_version.py
+++ b/src/allmydata/test/test_version.py
@@ -154,6 +154,7 @@ class CheckRequirement(unittest.TestCase):
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.1e 7 Abc 2014"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.1e invalid_date"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.1e 7 Apr"))
+        self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.2-beta1"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 0.10"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 0.10.0"))
         self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.0"))
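Review bot: The added assertion covers only `1.0.2-beta1`, although the commit message names plain `1.0.2-beta` as vulnerable too, and neither is exercised with a trailing build date as the neighbouring `1.0.1e` cases are. Add `self.failUnlessRaises(PackagingError, check_openssl_version, MockSSL("OpenSSL 1.0.2-beta"))` and a dated variant such as `MockSSL("OpenSSL 1.0.2-beta1 24 Feb 2014")` (date constructed for the example), so the rejection cannot be bypassed by whatever date handling the function applies. A case for a later beta (`"OpenSSL 1.0.2-beta2"`) would also pin whether rejecting all betas is intended. The test method starts and ends outside the hunk.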
@@ -172,6 +173,7 @@ class CheckRequirement(unittest.TestCase):
         check_openssl_version(MockSSL("OpenSSL 1.0.1zzz"))
         check_openssl_version(MockSSL("OpenSSL 1.0.2"))
         check_openssl_version(MockSSL("OpenSSL 1.0.2a"))
+        check_openssl_version(MockSSL("OpenSSL 1.0.3"))
         check_openssl_version(MockSSL("OpenSSL 1.0.10a"))
         check_openssl_version(MockSSL("OpenSSL 1.1"))
         check_openssl_version(MockSSL("OpenSSL 1.1.0"))