diff options
| author | Kaspar Brand <kbrand@apache.org> | 2011-08-07 10:36:57 +0000 |
|---|---|---|
| committer | Kaspar Brand <kbrand@apache.org> | 2011-08-07 10:36:57 +0000 |
| commit | 2453c22a1af94ff595186e35d359a49a4d381a04 (patch) | |
| tree | dcf52e1e6dd0f52d74fe19f6c78c56fcd0bd7b76 /acinclude.m4 | |
| parent | 7bd59fd67a7ef3eb7aba69e34cab6b714fddbec5 (diff) | |
| download | httpd-2453c22a1af94ff595186e35d359a49a4d381a04.tar.gz | |
Enforce OpenSSL 0.9.7 as a minimum requirement in configure, and
remove #ifdef'ed code which was relevant for earlier versions only.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154688 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'acinclude.m4')
| -rw-r--r-- | acinclude.m4 | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/acinclude.m4 b/acinclude.m4 index b12fa502f5..bd3d4da4a7 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -445,7 +445,7 @@ dnl AC_DEFUN(APACHE_CHECK_OPENSSL,[ AC_CACHE_CHECK([for OpenSSL], [ac_cv_openssl], [ dnl initialise the variables we use - ac_cv_openssl=yes + ac_cv_openssl=no ap_openssl_found="" ap_openssl_base="" ap_openssl_libs="" @@ -506,21 +506,17 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[ fi fi - AC_MSG_CHECKING([for OpenSSL version]) + AC_MSG_CHECKING([for OpenSSL version >= 0.9.7]) AC_TRY_COMPILE([#include <openssl/opensslv.h>],[ #if !defined(OPENSSL_VERSION_NUMBER) #error "Missing OpenSSL version" #endif -#if (OPENSSL_VERSION_NUMBER < 0x009060af) \ - || ((OPENSSL_VERSION_NUMBER > 0x00907000) && (OPENSSL_VERSION_NUMBER < 0x0090702f)) -#error "Insecure openssl version " OPENSSL_VERSION_TEXT +#if OPENSSL_VERSION_NUMBER < 0x0090700f +#error "Unsupported OpenSSL version " OPENSSL_VERSION_TEXT #endif], - [AC_MSG_RESULT(OK)], - [dnl Replace this with OPENSSL_VERSION_TEXT from opensslv.h? - AC_MSG_RESULT([not encouraging]) - AC_MSG_WARN([OpenSSL version may contain security vulnerabilities!] - [ Ensure the latest security patches have been applied!]) - ]) + [AC_MSG_RESULT(OK) + ac_cv_openssl=yes], + [AC_MSG_RESULT(FAILED)]) if test "x$ac_cv_openssl" = "xyes"; then ap_openssl_libs="-lssl -lcrypto `$apr_config --libs`" @@ -534,9 +530,10 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[ AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"]) AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines]) if test "x$liberrors" != "x"; then - ac_cv_openssl=no AC_MSG_WARN([OpenSSL libraries are unusable]) fi + else + AC_MSG_WARN([OpenSSL version is too old]) fi dnl restore |