commit be68c1fb43a34c61c7a589faec1b3cbaf4ced07f Author: Nick Mathewson nickm@torproject.org Date: Wed Sep 12 19:31:24 2012 -0400

Log a notice if we're running with OpenSSL before 1.0.0.

These versions have some dubious, slow crypto implementations; 1.0.0 is a great improvement, and at this point is pretty mature. --- src/common/crypto.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c index 6c6bf14..979ff3c 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -243,6 +243,11 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) SSLeay(), SSLeay_version(SSLEAY_VERSION)); }

+ if (SSLeay() < OPENSSL_V_SERIES(1,0,0)) { + log_notice(LD_CRYPTO, "Your OpenSSL version seems to be %s. We " + "recommend 1.0.0 or later.", crypto_openssl_get_version_str()); + } + if (useAccel > 0) { #ifdef DISABLE_ENGINES (void)accelName;