From nobody Wed Feb 21 15:37:36 2024 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Tg0lP32t3z59n90; Wed, 21 Feb 2024 15:37:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Tg0lP0r4Bz4hSY; Wed, 21 Feb 2024 15:37:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708529857; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uc/3a8VyMzG9r1UoZ/I+zDoidHSrjfNVCPIew+01Zgw=; b=yh0UIfwhxP/wnG0FHFDLL3kfnptBKa6WQpcygVIFqQMAhVfCI3sZy/Qv8HWkRsN5AZjDyj UmeUnQSfFkbpGpkzlQ7VP0DfxXp12P7RLH5MfzNdEC479Js9pl6wbKxaYvy2WlcBHiJ7Qm bOkUiiARfbyTHAFu3fD9FJJ5fZldj4zIRRs0VkZeVGVHGekEtCCgbhgvnn+0zg+AypVnXF OGpFGsLicBonfVGz1NQSb3+my4CWfmNTZqK9wQPWa/uGkVgfKe1qXbfBR2/WlFkqZnN8W0 aW3fhXhjuUpmfmksklqyCbbZilPQOSreELvqKFqhlfN6YkpnP3kidih9yp+3Wg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708529857; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uc/3a8VyMzG9r1UoZ/I+zDoidHSrjfNVCPIew+01Zgw=; b=qSeHE1FqTYZmG5oiVXYD5Vt2ipshNzXMNnzD/B6p0qw7Tq6OUSCmFXmpy9gps09ks4JuJK AkcfOtOHB3Xuw7+YwewCNLUxpQyOKMh05fn18Vp1EIeQp60xXZHCtKBttWm7ffSB54ZQnT Ry1jwr/fqHS66sxb1eBKAMCZnt1HaWMKAHjI3q9svdS0QcDyQjl1OBRmenVHsPAMr2vDjg Y39vlysR383SaC0QOIBcXNcICH1yAi5qsQAwSAU6j6snelW9c0p1eHY+lpZEhxG3v2575w dtF9ppHzTnB8gPMiV6vBpuzrtgFlf9Kk7fm42zBTCEEmwXkwfxvMUogPmnoCHw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1708529857; a=rsa-sha256; cv=none; b=FV97aDmT0xR2OOluGACXr0lpNFRvlbaOPlgyuq2OKKvXnLmuQWMPsKNrdFphZshHlhePAz TaM914wsL28o74RtfM99JgU+d01D93cxXTMDpcvK+5QiviJybxTgeqX2aZHT0QtwEctUWJ X3wsegO3+Z5JobR1XmuO+qlfrYcY3rSPa2z/wPB0XRiXa4SNXrmn/H5fKuCBfie3RYAThf 1EYCVJ9mg0FMHm8YhvXuVbcz8TpgrvFoQUfb8XH9OjZTO7i9pFBV/w7Akvx4e+ARRddPMK Cy9n3j9sDxQz7KFDyKtFaGPZ7u/qcIT5pxg+/rfUDJsJ+n3ctVj2SoWrEkgLLw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Tg0lN73T6z17Hx; Wed, 21 Feb 2024 15:37:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 41LFba4D087559; Wed, 21 Feb 2024 15:37:36 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 41LFbad3087555; Wed, 21 Feb 2024 15:37:36 GMT (envelope-from git) Date: Wed, 21 Feb 2024 15:37:36 GMT Message-Id: <202402211537.41LFbad3087555@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Po-Chuan Hsieh Subject: git: cec0df258ede - main - security/p5-Net-SSLeay: Update to 1.94 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: sunpoet X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: cec0df258ede61cba03529c8b8d12954a172f4c2 Auto-Submitted: auto-generated The branch main has been updated by sunpoet: URL: https://cgit.FreeBSD.org/ports/commit/?id=cec0df258ede61cba03529c8b8d12954a172f4c2 commit cec0df258ede61cba03529c8b8d12954a172f4c2 Author: Po-Chuan Hsieh AuthorDate: 2024-02-21 15:01:30 +0000 Commit: Po-Chuan Hsieh CommitDate: 2024-02-21 15:11:06 +0000 security/p5-Net-SSLeay: Update to 1.94 Changes: https://metacpan.org/dist/Net-SSLeay/changes --- security/p5-Net-SSLeay/Makefile | 2 +- security/p5-Net-SSLeay/distinfo | 6 +- security/p5-Net-SSLeay/files/patch-SSLeay.xs | 377 --------------------------- 3 files changed, 4 insertions(+), 381 deletions(-) diff --git a/security/p5-Net-SSLeay/Makefile b/security/p5-Net-SSLeay/Makefile index eefbc680ed48..a9aee20bf7a7 100644 --- a/security/p5-Net-SSLeay/Makefile +++ b/security/p5-Net-SSLeay/Makefile @@ -1,5 +1,5 @@ PORTNAME= Net-SSLeay -PORTVERSION= 1.92 +PORTVERSION= 1.94 CATEGORIES= security perl5 MASTER_SITES= CPAN PKGNAMEPREFIX= p5- diff --git a/security/p5-Net-SSLeay/distinfo b/security/p5-Net-SSLeay/distinfo index 1e4e34428564..6e0bdf82f6ba 100644 --- a/security/p5-Net-SSLeay/distinfo +++ b/security/p5-Net-SSLeay/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1650229134 -SHA256 (Net-SSLeay-1.92.tar.gz) = 47c2f2b300f2e7162d71d699f633dd6a35b0625a00cbda8c50ac01144a9396a9 -SIZE (Net-SSLeay-1.92.tar.gz) = 555930 +TIMESTAMP = 1708450710 +SHA256 (Net-SSLeay-1.94.tar.gz) = 9d7be8a56d1bedda05c425306cc504ba134307e0c09bda4a788c98744ebcd95d +SIZE (Net-SSLeay-1.94.tar.gz) = 663948 diff --git a/security/p5-Net-SSLeay/files/patch-SSLeay.xs b/security/p5-Net-SSLeay/files/patch-SSLeay.xs deleted file mode 100644 index 86e7f180e577..000000000000 --- a/security/p5-Net-SSLeay/files/patch-SSLeay.xs +++ /dev/null @@ -1,377 +0,0 @@ ---- SSLeay.xs.orig 2022-01-10 19:05:48 UTC -+++ SSLeay.xs -@@ -685,7 +685,6 @@ static int ssleay_ctx_passwd_cb_invoke(char *buf, int - } - - #if OPENSSL_VERSION_NUMBER >= 0x1010006fL /* In OpenSSL 1.1.0 but actually called for $ssl from 1.1.0f */ --#ifndef LIBRESSL_VERSION_NUMBER - #ifndef OPENSSL_IS_BORINGSSL - static int ssleay_ssl_passwd_cb_invoke(char *buf, int size, int rwflag, void *userdata) - { -@@ -732,7 +731,6 @@ static int ssleay_ssl_passwd_cb_invoke(char *buf, int - return strlen(buf); - } - #endif /* !BoringSSL */ --#endif /* !LibreSSL */ - #endif /* >= 1.1.0f */ - - int ssleay_ctx_cert_verify_cb_invoke(X509_STORE_CTX* x509_store_ctx, void* data) -@@ -1138,7 +1136,7 @@ int next_proto_helper_protodata2AV(AV * list, const un - - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) - - int next_proto_select_cb_invoke(SSL *ssl, unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, void *arg) -@@ -1767,7 +1765,7 @@ int ossl_provider_do_all_cb_invoke(OSSL_PROVIDER *prov - } - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x10101001 && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101001 - void ssl_ctx_keylog_cb_func_invoke(const SSL *ssl, const char *line) - { - dSP; -@@ -2009,7 +2007,7 @@ const char * - SSLeay_version(type=SSLEAY_VERSION) - int type - --#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - - unsigned long - OpenSSL_version_num() -@@ -2180,7 +2178,7 @@ SSL_CTX_set_verify(ctx,mode,callback=&PL_sv_undef) - SSL_CTX_set_verify(ctx, mode, &ssleay_verify_callback_invoke); - } - --#if OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100001L - - void - SSL_CTX_set_security_level(SSL_CTX * ctx, int level) -@@ -2190,7 +2188,7 @@ SSL_CTX_get_security_level(SSL_CTX * ctx) - - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x10101007L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101007L - - int - SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets) -@@ -2200,14 +2198,14 @@ SSL_CTX_get_num_tickets(SSL_CTX *ctx) - - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x10101003L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101003L - - int - SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str) - - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */ -+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL - - void - SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val) -@@ -2395,7 +2393,7 @@ SSL_peek(s,max=32768) - } - Safefree(buf); - --#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */ -+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL - - void - SSL_read_ex(s,max=32768) -@@ -2631,7 +2629,7 @@ int - SSL_pending(s) - SSL * s - --#if OPENSSL_VERSION_NUMBER >= 0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.0 */ -+#if OPENSSL_VERSION_NUMBER >= 0x1010000fL - - int - SSL_has_pending(s) -@@ -2750,7 +2748,7 @@ void - SSL_SESSION_free(ses) - SSL_SESSION * ses - --#if OPENSSL_VERSION_NUMBER >= 0x10101001L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101001L - - int - SSL_SESSION_is_resumable(ses) -@@ -2761,7 +2759,7 @@ SSL_SESSION_dup(sess) - SSL_SESSION * sess - - #endif --#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.1 */ -+#if OPENSSL_VERSION_NUMBER >= 0x1010100fL - - void - SSL_set_post_handshake_auth(SSL *ssl, int val) -@@ -2800,7 +2798,7 @@ d2i_SSL_SESSION(pv) - OUTPUT: - RETVAL - --#if (OPENSSL_VERSION_NUMBER >= 0x10100004L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100004L - - int - SSL_SESSION_up_ref(sess) -@@ -3081,7 +3079,6 @@ SSL_CTX_set_tlsext_servername_callback(ctx,callback=&P - #endif - - #if OPENSSL_VERSION_NUMBER >= 0x1010006fL /* In OpenSSL 1.1.0 but actually called for $ssl starting from 1.1.0f */ --#ifndef LIBRESSL_VERSION_NUMBER - #ifndef OPENSSL_IS_BORINGSSL - void - SSL_set_default_passwd_cb(ssl,callback=&PL_sv_undef) -@@ -3113,10 +3110,9 @@ SSL_set_default_passwd_cb_userdata(ssl,data=&PL_sv_und - } - - #endif /* !BoringSSL */ --#endif /* !LibreSSL */ - #endif /* >= 1.1.0f */ - --#if OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100001L - - void - SSL_set_security_level(SSL * ssl, int level) -@@ -3126,7 +3122,7 @@ SSL_get_security_level(SSL * ssl) - - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x10101007L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101007L - - int - SSL_set_num_tickets(SSL *ssl, size_t num_tickets) -@@ -3136,7 +3132,7 @@ SSL_get_num_tickets(SSL *ssl) - - #endif - --#if OPENSSL_VERSION_NUMBER >= 0x10101003L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101003L - - int - SSL_set_ciphersuites(SSL *ssl, const char *str) -@@ -3270,7 +3266,7 @@ RAND_bytes(buf, num) - OUTPUT: - RETVAL - --#if OPENSSL_VERSION_NUMBER >= 0x10101001L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101001L - - int - RAND_priv_bytes(buf, num) -@@ -3361,7 +3357,7 @@ RAND_write_file(file_name) - - #define REM40 "Minimal X509 stuff..., this is a bit ugly and should be put in its own modules Net::SSLeay::X509.pm" - --#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2050000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL - - int - X509_check_host(X509 *cert, const char *name, unsigned int flags = 0, SV *peername = &PL_sv_undef) -@@ -3465,7 +3461,7 @@ X509_get_pubkey(X509 *x) - ASN1_INTEGER * - X509_get_serialNumber(X509 *x) - --#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2080100fL) -+#if OPENSSL_VERSION_NUMBER >= 0x1010000fL - - const ASN1_INTEGER * - X509_get0_serialNumber(const X509 *x) -@@ -3952,7 +3948,7 @@ X509 * - X509_STORE_CTX_get_current_cert(x509_store_ctx) - X509_STORE_CTX * x509_store_ctx - --#if (OPENSSL_VERSION_NUMBER >= 0x10100005L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) /* OpenSSL 1.1.0-pre5, LibreSSL 2.7.0 */ -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L - - X509 * - X509_STORE_CTX_get0_cert(x509_store_ctx) -@@ -5063,7 +5059,7 @@ TLSv1_2_client_method() - #endif - - --#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x20020002L) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - - const SSL_METHOD * - TLS_method() -@@ -5077,7 +5073,7 @@ TLS_client_method() - #endif /* OpenSSL 1.1.0 or LibreSSL 2.2.2 */ - - --#if (OPENSSL_VERSION_NUMBER >= 0x10100002L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2060000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100002L - - int - SSL_CTX_set_min_proto_version(ctx, version) -@@ -5102,7 +5098,7 @@ SSL_set_max_proto_version(ssl, version) - #endif /* OpenSSL 1.1.0-pre2 or LibreSSL 2.6.0 */ - - --#if OPENSSL_VERSION_NUMBER >= 0x1010007fL && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x1010007fL - - int - SSL_CTX_get_min_proto_version(ctx) -@@ -5451,7 +5447,7 @@ SSL_CTX_use_certificate_chain_file(ctx,file) - const char * file - - --#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - - int - SSL_use_certificate_chain_file(ssl,file) -@@ -5698,7 +5694,7 @@ SSL_CTX_set_msg_callback(ctx,callback,data=&PL_sv_unde - } - - --#if OPENSSL_VERSION_NUMBER >= 0x10101001 && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10101001 - - void - SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SV *callback) -@@ -5766,7 +5762,7 @@ int - SSL_version(ssl) - SSL * ssl - --#if OPENSSL_VERSION_NUMBER >= 0x10100006L && !defined(LIBRESSL_VERSION_NUMBER) /* 1.1.0-pre6 */ -+#if OPENSSL_VERSION_NUMBER >= 0x10100006L - - int - SSL_client_version(ssl) -@@ -6231,7 +6227,7 @@ RSA_generate_key(bits,ee,perl_cb=&PL_sv_undef,perl_dat - BN_free(e); - croak("Net::SSLeay: RSA_generate_key perl function could not create RSA structure.\n"); - } --#if (OPENSSL_VERSION_NUMBER >= 0x10100001L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100001L - BN_GENCB *new_cb; - new_cb = BN_GENCB_new(); - if(!new_cb) { -@@ -6278,7 +6274,7 @@ RSA_generate_key(bits,e,perl_cb=&PL_sv_undef,perl_data - - #endif - --#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - - void - RSA_get_key_parameters(rsa) -@@ -6449,7 +6445,7 @@ SSL_total_renegotiations(ssl) - OUTPUT: - RETVAL - --#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - void - SSL_SESSION_get_master_key(s) - SSL_SESSION * s -@@ -6489,7 +6485,7 @@ SSL_SESSION_set_master_key(s,key) - - #endif - --#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - - void - SSL_get_client_random(s) -@@ -6516,7 +6512,7 @@ SSL_get_client_random(s) - - #endif - --#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - - void - SSL_get_server_random(s) -@@ -6547,7 +6543,7 @@ int - SSL_get_keyblock_size(s) - SSL * s - CODE: --#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - const SSL_CIPHER *ssl_cipher; - int cipher = NID_undef, digest = NID_undef, mac_secret_size = 0; - const EVP_CIPHER *c = NULL; -@@ -6932,7 +6928,7 @@ X509_VERIFY_PARAM_lookup(name) - void - X509_VERIFY_PARAM_table_cleanup() - --#if (OPENSSL_VERSION_NUMBER >= 0x10002001L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) /* OpenSSL 1.0.2-beta1, LibreSSL 2.7.0 */ -+#if OPENSSL_VERSION_NUMBER >= 0x10002001L - - X509_VERIFY_PARAM * - SSL_CTX_get0_param(ctx) -@@ -6985,7 +6981,7 @@ X509_VERIFY_PARAM_set1_ip_asc(param, ipasc) - - #endif /* OpenSSL 1.0.2-beta1, LibreSSL 2.7.0 */ - --#if (OPENSSL_VERSION_NUMBER >= 0x10002002L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) /* OpenSSL 1.0.2-beta2, LibreSSL 2.7.0 */ -+#if OPENSSL_VERSION_NUMBER >= 0x10002002L - - int - X509_VERIFY_PARAM_add1_host(param, name) -@@ -7010,6 +7006,7 @@ X509_VERIFY_PARAM_get0_peername(param) - - #endif /* OpenSSL 1.0.2-beta2, LibreSSL 2.7.0 */ - -+#if !defined(LIBRESSL_VERSION_NUMBER) || (LIBRESSL_VERSION_NUMBER < 0x3080000fL) /* LibreSSL < 3.8.0 */ - void - X509_policy_tree_free(tree) - X509_POLICY_TREE *tree -@@ -7052,6 +7049,7 @@ const X509_POLICY_NODE * - X509_policy_node_get0_parent(node) - const X509_POLICY_NODE *node - -+#endif /* !(LibreSSL >= 3.8.0) */ - #endif - - ASN1_OBJECT * -@@ -7197,7 +7195,7 @@ ASN1_OBJECT * - P_X509_get_signature_alg(x) - X509 * x - CODE: --#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L - RETVAL = (X509_get0_tbs_sigalg(x)->algorithm); - #else - RETVAL = (x->cert_info->signature->algorithm); -@@ -7239,7 +7237,7 @@ X509_get_X509_PUBKEY(x) - XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); - Safefree(pc); - --#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) - - int - SSL_CTX_set_next_protos_advertised_cb(ctx,callback,data=&PL_sv_undef) -@@ -7690,7 +7688,7 @@ OCSP_response_results(rsp,...) - if (!idsv) { - /* getall: create new SV with OCSP_CERTID */ - unsigned char *pi,*pc; --#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100003L - int len = i2d_OCSP_CERTID((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sir),NULL); - #else - int len = i2d_OCSP_CERTID(sir->certId,NULL); -@@ -7699,7 +7697,7 @@ OCSP_response_results(rsp,...) - Newx(pc,len,unsigned char); - if (!pc) croak("out of memory"); - pi = pc; --#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER >= 0x10100003L - i2d_OCSP_CERTID((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sir),&pi); - #else - i2d_OCSP_CERTID(sir->certId,&pi);