Stop implying that we support openssl 1.0.0; we don't.

Closes ticket 20303.

The LIBRESSL_VERSION_NUMBER check is needed because if our openssl
is really libressl, it will have an openssl version number we can't
really believe.

changes/no_openssl_100

@@ -0,0 +1,4 @@
+  o Required libraries:
+    - When building with OpenSSL, Tor now requires version 1.0.1 or later.
+      OpenSSL 1.0.0 and earlier are no longer supported by the openssl team,
+      and should not be used. Closes ticket 20303.

configure.ac

@@ -614,12 +614,12 @@ CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
 
 AC_TRY_COMPILE([
 #include <openssl/opensslv.h>
-#if OPENSSL_VERSION_NUMBER < 0x1000000fL
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1000100fL
 #error "too old"
 #endif
    ], [],
    [ : ],
-   [ AC_ERROR([OpenSSL is too old. We require 1.0.0 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
+   [ AC_ERROR([OpenSSL is too old. We require 1.0.1 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
 
 AC_TRY_COMPILE([
 #include <openssl/opensslv.h>

src/common/compat_openssl.h

@@ -15,8 +15,9 @@
  * \brief compatability definitions for working with different openssl forks
  **/
 
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0)
-#error "We require OpenSSL >= 1.0.0"
+#if !defined(LIBRESSL_VERSION_NUMBER) && \
+  OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,1)
+#error "We require OpenSSL >= 1.0.1"
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && \