1 files changed, 7 insertions, 43 deletions

diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index 7033b0e2..2d846132 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -47,30 +47,18 @@ unless result
   end
 end
 
-result = checking_for("OpenSSL version is 0.9.8 or later") {
-  try_static_assert("OPENSSL_VERSION_NUMBER >= 0x00908000L", "openssl/opensslv.h")
-}
-unless result
-  raise "OpenSSL 0.9.8 or later required."
-end
-
-unless OpenSSL.check_func("SSL_library_init()", "openssl/ssl.h")
-  raise "Ignore OpenSSL broken by Apple.\nPlease use another openssl. (e.g. using `configure --with-openssl-dir=/path/to/openssl')"
+unless checking_for("OpenSSL version is 1.0.1 or later") {
+    try_static_assert("OPENSSL_VERSION_NUMBER >= 0x10001000L", "openssl/opensslv.h") }
+  raise "OpenSSL >= 1.0.1 or LibreSSL is required"
 end
 
 Logging::message "=== Checking for OpenSSL features... ===\n"
 # compile options
 
-# check OPENSSL_NO_{SSL2,SSL3_METHOD} macro: on some environment, these symbols
-# exist even if compiled with no-ssl2 or no-ssl3-method.
-unless have_macro("OPENSSL_NO_SSL2", "openssl/opensslconf.h")
-  have_func("SSLv2_method")
-end
-unless have_macro("OPENSSL_NO_SSL3_METHOD", "openssl/opensslconf.h")
-  have_func("SSLv3_method")
-end
-have_func("TLSv1_1_method")
-have_func("TLSv1_2_method")
+# SSLv2 and SSLv3 may be removed in future versions of OpenSSL, and even macros
+# like OPENSSL_NO_SSL2 may not be defined.
+have_func("SSLv2_method")
+have_func("SSLv3_method")
 have_func("RAND_egd")
 engines = %w{builtin_engines openbsd_dev_crypto dynamic 4758cca aep atalla chil
              cswift nuron sureware ubsec padlock capi gmp gost cryptodev aesni}
@@ -78,30 +66,6 @@ engines.each { |name|
   OpenSSL.check_func_or_macro("ENGINE_load_#{name}", "openssl/engine.h")
 }
 
-# added in 0.9.8X
-have_func("EVP_CIPHER_CTX_new")
-have_func("EVP_CIPHER_CTX_free")
-OpenSSL.check_func_or_macro("SSL_CTX_clear_options", "openssl/ssl.h")
-
-# added in 1.0.0
-have_func("ASN1_TIME_adj")
-have_func("EVP_CIPHER_CTX_copy")
-have_func("EVP_PKEY_base_id")
-have_func("HMAC_CTX_copy")
-have_func("PKCS5_PBKDF2_HMAC")
-have_func("X509_NAME_hash_old")
-have_func("X509_STORE_CTX_get0_current_crl")
-have_func("X509_STORE_set_verify_cb")
-have_func("i2d_ASN1_SET_ANY")
-have_func("SSL_SESSION_cmp") # removed
-OpenSSL.check_func_or_macro("SSL_set_tlsext_host_name", "openssl/ssl.h")
-have_struct_member("CRYPTO_THREADID", "ptr", "openssl/crypto.h")
-have_func("EVP_PKEY_get0")
-
-# added in 1.0.1
-have_func("SSL_CTX_set_next_proto_select_cb")
-have_macro("EVP_CTRL_GCM_GET_TAG", ['openssl/evp.h']) && $defs.push("-DHAVE_AUTHENTICATED_ENCRYPTION")
-
 # added in 1.0.2
 have_func("EC_curve_nist2nid")
 have_func("X509_REVOKED_dup")