Simplify OpenSSL version checking

Brett Hazen · Brett Hazen · commit 242b98f8b687 · 2014-06-04T18:19:31.000-07:00
diff --git a/riak/security.py b/riak/security.py
@@ -22,14 +22,16 @@
 import select
 import string
 import datetime
+import calendar
 from riak import RiakError
+from distutils.version import LooseVersion
 try:
     from cStringIO import StringIO
 except ImportError:
     from StringIO import StringIO
 
 OPENSSL_VERSION_101G = 268439679
-OPENSSL_VERSION_101 = 1000*1000*1 + 1000*0 + 1
+OPENSSL_VERSION_101 = "1.0.1"
 OPENSSL_VERSION_NUM_POS = 1
 OPENSSL_VERSION_DAY_POS = 4
 OPENSSL_VERSION_MON_POS = 3
@@ -41,29 +43,16 @@
     too_old = False
     # Check the build date on older versions
     verstring = OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_VERSION)
-    versions = string.split(verstring)
-    # Convert version string to integer
-    verdots = string.split(versions[OPENSSL_VERSION_NUM_POS], '.')
-    if len(verdots) == 3:
-        verint = 1000 * 1000 * verdots[0] + 1000 * verdots[1] + \
-            verdots[2].translate(None, "abcdefghijklmnopqrstuvwxyz")
-        # Is this at least 1.0.1 built after April 2014 (hopefully patched)
-        if verint < OPENSSL_VERSION_101:
-            too_old = True
-        else:
-            builtstr = OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_BUILT_ON)
-            timestamp = string.split(builtstr)
-            import calendar
-            calmap = {v: k for k,v in enumerate(calendar.month_abbr)}
-            day = int(timestamp[OPENSSL_VERSION_DAY_POS])
-            mon = calmap[timestamp[OPENSSL_VERSION_MON_POS]]
-            year = int(timestamp[OPENSSL_VERSION_YEAR_POS])
-            build = datetime.date(year, mon, day)
-            if build < ssldate:
-                too_old = True
-    else:
-        too_old = True
-    if too_old:
+    verdots = string.split(verstring)[OPENSSL_VERSION_NUM_POS]
+    builtstr = OpenSSL.SSL.SSLeay_version(OpenSSL.SSL.SSLEAY_BUILT_ON)
+    timestamp = string.split(builtstr)
+    calmap = {v: k for k,v in enumerate(calendar.month_abbr)}
+    day = int(timestamp[OPENSSL_VERSION_DAY_POS])
+    mon = calmap[timestamp[OPENSSL_VERSION_MON_POS]]
+    year = int(timestamp[OPENSSL_VERSION_YEAR_POS])
+    build = datetime.date(year, mon, day)
+    if LooseVersion(verdots) < LooseVersion(OPENSSL_VERSION_101) or \
+        build < ssldate:
         raise RuntimeError("Found {0} version, but expected at least "
                            "OpenSSL 1.0.1g".format(verstring))
 
