Warn when OpenSSL is older than 3.0

author Nick Mathewson <nickm@torproject.org>

Mon, 28 Apr 2025 15:32:21 +0000 (11:32 -0400)

committer Nick Mathewson <nickm@torproject.org>

Mon, 28 Apr 2025 15:32:21 +0000 (11:32 -0400)
author Nick Mathewson <nickm@torproject.org>
Mon, 28 Apr 2025 15:32:21 +0000 (11:32 -0400)
committer Nick Mathewson <nickm@torproject.org>
Mon, 28 Apr 2025 15:32:21 +0000 (11:32 -0400)
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c

index 1726e924893310b1e87125024a9856a25b56aaa9..e008c0648bb2ed8f944f4ae51aaee7c58280fe9c 100644 (file)
--- a/src/lib/crypt_ops/crypto_openssl_mgt.c
+++ b/src/lib/crypt_ops/crypto_openssl_mgt.c
@@ -301,6 +301,14 @@ int
  crypto_openssl_late_init(int useAccel, const char *accelName,
                           const char *accelDir)
  {
+  if (tor_OpenSSL_version_num() < OPENSSL_V_SERIES(3,0,0)) {
+    log_warn(LD_CRYPTO, "Running with OpenSSL version \"%s\", "
+             "which is no longer maintained by the OpenSSL project. "
+             "We recommend that you upgrade to OpenSSL 3.0 or later. "
+             "OpenSSL >=3.5 would be ideal.",
+             OPENSSL_VERSION_TEXT);
+  }
+
    if (useAccel > 0) {
      if (crypto_openssl_init_engines(accelName, accelDir) < 0)
        return -1;
author	Nick Mathewson <nickm@torproject.org>
	Mon, 28 Apr 2025 15:32:21 +0000 (11:32 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Mon, 28 Apr 2025 15:32:21 +0000 (11:32 -0400)