commit 9fd45dc3de0293595db63db0de3ff349527b9cb5
parent 101fae4a62205453a9894a01ed4a08c0dc8a93ee
Author: Nick Mathewson <nickm@torproject.org>
Date: Mon, 28 Apr 2025 11:32:21 -0400
Warn when OpenSSL is older than 3.0
Running with an unsupported version of openssl is not IMO
a very good idea.
Diffstat:
1 file changed, 8 insertions(+), 0 deletions(-)
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
@@ -301,6 +301,14 @@ int
crypto_openssl_late_init(int useAccel, const char *accelName,
const char *accelDir)
{
+ if (tor_OpenSSL_version_num() < OPENSSL_V_SERIES(3,0,0)) {
+ log_warn(LD_CRYPTO, "Running with OpenSSL version \"%s\", "
+ "which is no longer maintained by the OpenSSL project. "
+ "We recommend that you upgrade to OpenSSL 3.0 or later. "
+ "OpenSSL >=3.5 would be ideal.",
+ OPENSSL_VERSION_TEXT);
+ }
+
if (useAccel > 0) {
if (crypto_openssl_init_engines(accelName, accelDir) < 0)
return -1;
