Deprecate openssl-1.0.

These days everybody should have openssl-1.1 (released in 2016)
or later. So warn if configure detects openssl-1.0 or earlier.

diff --git a/NEWS.md b/NEWS.md
index e122c43fdd1f76b96474db9f6a42297933650814..a259ef3e140ceeb5649217c903ee6820a973a0f0 100644 (file)
--- a/NEWS.md
+++ b/NEWS.md
@@ -8,6 +8,9 @@ NEWS
 - Old style PEM keys are now deprecated. They still work but their
   use results in a run-time warning. The removal of PEM key support is
   scheduled for paraslash-0.8.0.
+- Version 1.0 of the openssl library has been deprecated. A warning
+  is printed at compile-time on systems which have this outdated version
+  because it will no longer be supported once paraslash-0.8.0 comes out.
 
 Downloads:
 [tarball](./releases/paraslash-git.tar.xz)

diff --git a/configure.ac b/configure.ac
index c72581118326924a25b5ca9b020316439135d60b..92560e00ec50b7fa7ae4fcfd7d8966bdca2c63bf 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -102,9 +102,14 @@ if test $HAVE_OPENSSL = yes; then
        if test "$ac_cv_have_decl_RSA_set0_key" != "$ac_cv_lib_crypto_RSA_set0_key"; then
                AC_MSG_ERROR([openssl header/library mismatch])
        fi
-       test "$ac_cv_have_decl_RSA_set0_key" = yes &&
+       if test "$ac_cv_have_decl_RSA_set0_key" = yes; then
                AC_DEFINE([HAVE_RSA_SET0_KEY], [1], [openssl >= 1.1])
-
+       else
+               AC_MSG_WARN([
+       Old openssl library detected. Support for openssl-1.0 and earlier
+       will be removed in the next major paraslash release. Please upgrade
+       your openssl installation.])
+       fi
        HAVE_CRYPTO_CLEANUP_ALL_EX_DATA=yes
        AC_CHECK_DECL([CRYPTO_cleanup_all_ex_data], [],
                [HAVE_CRYPTO_CLEANUP_ALL_EX_DATA=no],