"Require" OpenSSL 1.1.1 and tolerate/warn 1.0.2.

OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used
at configure and compile time.

The assumption is that 1.0.2 may still be in use by maintainers that
backport security fixes.

Also warn, at configure time, about "OpenSSL" API-compatible libraries
that do not declare TLS1_3_VERSION.

1 files changed, 4 insertions, 4 deletions

diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 5b9a1203..58e89e72 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -2070,7 +2070,7 @@ SSL?</a></h2>
 
 <p>You'll need to have the <a
 href="https://www.openssl.org/">OpenSSL</a> libraries installed, and they
-should at least be version 1.0.2.
+should at least be version 1.1.1.
 Configure with --with-ssl (default since fetchmail v6.4.0). If you have the OpenSSL libraries
 installed in commonly-used default locations, this will
 suffice. If you have them installed in a non-default location,
@@ -2459,14 +2459,14 @@ applications linked against older OpenSSL versions.</p>
 <p>Note: OpenSSL's <code>c_rehash</code> script is broken in several versions,
 which can cause malfunction if several OpenSSL tools versions are installed in
 parallel in separate directories. In such cases, you may need a workaround to
-get things going. Assuming your OpenSSL 1.0.2 is installed in
-<code>/opt/openssl1.0.2</code> and your certificates are in
+get things going. Assuming your OpenSSL 1.1.1 is installed in
+<code>/opt/openssl1.1.1</code> and your certificates are in
 <code>/home/hans/certs</code>, you'd do this (the corresponding fetchmail
 option is <kbd>--sslcertpath /home/hans/certs</kbd> on the commandline and
 <kbd>sslcertpath /home/hans/cert</kbd> in the rcfile):</p>
 
 <pre>
-env PATH=/opt/openssl1.0.2/bin /opt/openssl1.0.2/bin/c_rehash /home/hans/certs
+env PATH=/opt/openssl1.1.1/bin /opt/openssl1.1.1/bin/c_rehash /home/hans/certs
 </pre>
 
 <h2><a id="R15" name="R15">R15. Help, I'm getting Authorization failure!</a></h2>