From 1877c3d444e6109a3d9273e46b4b9c8e8c50ea2a Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Mon, 30 Mar 2020 14:25:05 +0200
Subject: "Require" OpenSSL 1.1.1 and tolerate/warn 1.0.2.

OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used
at configure and compile time.

The assumption is that 1.0.2 may still be in use by maintainers that
backport security fixes.

Also warn, at configure time, about "OpenSSL" API-compatible libraries
that do not declare TLS1_3_VERSION.
---
 configure.ac | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'configure.ac')

diff --git a/configure.ac b/configure.ac
index 31373d2a..f1a58c3a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -799,6 +799,9 @@ else
 fi
 
 case "$LIBS" in *-lssl*)
+	AC_CHECK_DECLS([TLS1_3_VERSION],,
+		       AC_MSG_WARN([Your OpenSSL version is too old and does not support TLS v1.3. Upgrade.]),
+		       [#include <openssl/ssl.h>])
 	AC_CHECK_DECLS([TLS1_2_VERSION],,
 		       AC_MSG_ERROR([Your OpenSSL version is too old and does not support TLS v1.2. Upgrade.]),
 		       [#include <openssl/ssl.h>])
-- 
cgit v1.2.3