Remove obsolete OpenSSL version check

(cherry picked from commit e9571d29af)
2018-03-17 14:09:31 +00:00
parent d3927f276e
commit 1ff0c8d21e
2 changed files with 1252 additions and 997 deletions
--- a/2187
+++ b/2187
--- a/configure.in
+++ b/configure.in
@@ -1767,43 +1767,6 @@ DSO_METHOD_dlfcn();
 		[AC_MSG_RESULT(assuming it does work on target platform)]
 		)

-AC_ARG_ENABLE(openssl-version-check,
-	      [AS_HELP_STRING([--enable-openssl-version-check],
-			      [check OpenSSL version @<:@default=yes@:>@])])
-case "$enable_openssl_version_check" in
-yes|'')
-		AC_MSG_CHECKING(OpenSSL library version)
-		AC_TRY_RUN([
-#include <stdio.h>
-#include <openssl/opensslv.h>
-int main() {
-	if ((OPENSSL_VERSION_NUMBER >= 0x009070cfL &&
-	     OPENSSL_VERSION_NUMBER < 0x00908000L) ||
-	     (OPENSSL_VERSION_NUMBER >= 0x0090804fL &&
-	     OPENSSL_VERSION_NUMBER < 0x10002000L) ||
-	     OPENSSL_VERSION_NUMBER >= 0x1000205fL)
-		return (0);
-	printf("\n\nFound   OPENSSL_VERSION_NUMBER %#010lx\n",
-		OPENSSL_VERSION_NUMBER);
-	printf("Require OPENSSL_VERSION_NUMBER 0x009070cf or greater (0.9.7l)\n"
-	       "Require OPENSSL_VERSION_NUMBER 0x0090804f or greater (0.9.8d)\n"
-	       "Require OPENSSL_VERSION_NUMBER 0x1000000f or greater (1.0.0)\n"
-	       "Require OPENSSL_VERSION_NUMBER 0x1000100f or greater (1.0.1)\n"
-	       "Require OPENSSL_VERSION_NUMBER 0x1000205f or greater (1.0.2e)\n\n");
-	return (1);
-}
-		],
-		[AC_MSG_RESULT(ok)],
-		[AC_MSG_RESULT(not compatible)
-		 OPENSSL_WARNING=yes
-		],
-		[AC_MSG_RESULT(assuming target platform has compatible version)])
-;;
-no)
-	AC_MSG_RESULT(Skipped OpenSSL version check)
-;;
-esac
-
 	AC_MSG_CHECKING(for OpenSSL FIPS mode support)
 	have_fips_mode=""
 	AC_TRY_LINK([#include <openssl/crypto.h>],
@@ -5433,31 +5396,6 @@ not have DNSSEC support. Use --with-openssl, or --with-pkcs11 and
 EOF
 fi

-if test "X$OPENSSL_WARNING" != "X"; then
-cat << \EOF
-WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-WARNING                                                                 WARNING
-WARNING         Your OpenSSL crypto library may be vulnerable to        WARNING
-WARNING         one or more of the the following known security         WARNING
-WARNING         flaws:                                                  WARNING
-WARNING                                                                 WARNING
-WARNING         CAN-2002-0659, CAN-2006-4339, CVE-2006-2937,            WARNING
-WARNING         CVE-2006-2940 and CVE-2015-3193.                        WARNING
-WARNING                                                                 WARNING
-WARNING         It is recommended that you upgrade to OpenSSL           WARNING
-WARNING         version 1.0.2e/1.0.1/1.0.0/0.9.9/0.9.8d/0.9.7l          WARNING
-WARNING		(or greater).                                           WARNING
-WARNING                                                                 WARNING
-WARNING         You can disable this warning by specifying:             WARNING
-WARNING                                                                 WARNING
-WARNING               --disable-openssl-version-check          	        WARNING
-WARNING                                                                 WARNING
-WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-EOF
-fi
-
 # Tell Emacs to edit this file in shell mode.
 # Local Variables:
 # mode: sh