From c95064efead30edfcb3ec447a7a9a0fcce27dd9c Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Sat, 30 Jan 2016 13:08:11 +0100
Subject: Document minimum OpenSSL 1.0.1 requirement.

---
 NEWS       | 1 +
 README.SSL | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index d67d49f8..763e4e6b 100644
--- a/NEWS
+++ b/NEWS
@@ -88,6 +88,7 @@ fetchmail-6.4.0 (not yet released):
 
 ## CHANGES
 * fetchmail 6.3.X is unsupported.
+* fetchmail now requires OpenSSL v1.0.1 or newer.
 * Fetchmail now supports --sslproto auto and --sslproto tls1+ (same as ssl23).
 * --sslproto tls1.1+ and tls1.2+ are now supported for auto-negotiation with a
   minimum specified TLS protocol version, and --sslproto tls1.1 and --sslproto
diff --git a/README.SSL b/README.SSL
index 125ad63e..92973a2d 100644
--- a/README.SSL
+++ b/README.SSL
@@ -29,7 +29,8 @@ Quickstart
 ----------
 
 Use an up-to-date release of OpenSSL 1.0.1 or newer, so as to get
-TLSv1.2 support.
+TLSv1.2 support.  Older OpenSSL versions are unsupported upstream, and
+fetchmail rejects them.
 
 For use of SSL or TLS with in-band negotiation on the regular service's port, 
 i. e. with STLS or STARTTLS, use these command line options
-- 
cgit v1.2.3