Attachment #247053 for bug #266670

View | Details | Raw Unified | Return to bug 266670 | Differences between
Collapse All | Expand All




https://github.com/sfackler/rust-openssl/commit/fc1ca1f6c7251e79e51284d10bb2310eda7f9355

From fc1ca1f6c7251e79e51284d10bb2310eda7f9355 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Fri, 1 Sep 2023 08:51:22 -0400
Subject: [PATCH] LibreSSL 3.8.1 support

---
 openssl-sys/build/cfgs.rs | 3 +++
 openssl-sys/build/main.rs | 5 +++--
 openssl-sys/src/crypto.rs | 2 +-
 4 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
index 2f3ff3eafd..34a58f7d68 100644
--- vendor/openssl-sys/build/cfgs.rs
+++ vendor/openssl-sys/build/cfgs.rs
@@ -53,6 +53,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
         if libressl_version >= 0x3_07_00_00_0 {
             cfgs.push("libressl370");
         }
+        if libressl_version >= 0x3_08_01_00_0 {
+            cfgs.push("libressl381");
+        }
     } else {
         let openssl_version = openssl_version.unwrap();
 
diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs
index 21ccf3d037..82013b6c7d 100644
--- vendor/openssl-sys/build/main.rs
+++ vendor/openssl-sys/build/main.rs
@@ -273,6 +273,7 @@ See rust-openssl documentation for more information:
             (3, 7, 1) => ('3', '7', '1'),
             (3, 7, _) => ('3', '7', 'x'),
             (3, 8, 0) => ('3', '8', '0'),
+            (3, 8, 1) => ('3', '8', '1'),
             _ => version_error(),
         };
 
@@ -314,8 +315,8 @@ fn version_error() -> ! {
     panic!(
         "
 
-This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3.0.0), or LibreSSL 2.5
-through 3.8.0, but a different version of OpenSSL was found. The build is now aborting
+This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3), or LibreSSL 2.5
+through 3.8.1, but a different version of OpenSSL was found. The build is now aborting
 due to this version mismatch.
 
 "
diff --git a/openssl-sys/src/crypto.rs b/openssl-sys/src/crypto.rs
index 35be07eada..bdc0add156 100644
--- vendor/openssl-sys/src/crypto.rs
+++ vendor/openssl-sys/src/crypto.rs
@@ -106,7 +106,7 @@ pub const CRYPTO_LOCK_SSL_CTX: c_int = 12;
 pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14;
 
 cfg_if! {
-    if #[cfg(ossl110)] {
+    if #[cfg(any(ossl110, libressl381))] {
         pub const CRYPTO_EX_INDEX_SSL: c_int = 0;
         pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1;
     } else if #[cfg(libressl)] {
https://github.com/sfackler/rust-openssl/commit/35c8e90b76d0f7a0b4064a0299d2fc529f9707a3

From 35c8e90b76d0f7a0b4064a0299d2fc529f9707a3 Mon Sep 17 00:00:00 2001
From: Theo Buehler <tb@openbsd.org>
Date: Fri, 20 Oct 2023 01:33:10 +0200
Subject: [PATCH] Make X509_ALGOR opaque for LibreSSL

The struct is still public because that is also the case in OpenSSL, but
it should no longer be accessed directly.
---
 openssl-sys/build/cfgs.rs            | 3 +++
 openssl-sys/src/handwritten/types.rs | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
index 8ee6f62373..ac7fe28596 100644
--- vendor/openssl-sys/build/cfgs.rs
+++ vendor/openssl-sys/build/cfgs.rs
@@ -56,6 +56,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
         if libressl_version >= 0x3_08_01_00_0 {
             cfgs.push("libressl381");
         }
+        if libressl_version >= 0x3_08_02_00_0 {
+            cfgs.push("libressl382");
+        }
     } else {
         let openssl_version = openssl_version.unwrap();
 
diff --git a/openssl-sys/src/handwritten/types.rs b/openssl-sys/src/handwritten/types.rs
index 06354728f2..a03a878305 100644
--- vendor/openssl-sys/src/handwritten/types.rs
+++ vendor/openssl-sys/src/handwritten/types.rs
@@ -329,7 +329,7 @@ cfg_if! {
     }
 }
 cfg_if! {
-    if #[cfg(ossl110)] {
+    if #[cfg(any(ossl110, libressl382))] {
         pub enum X509_ALGOR {}
     } else {
         #[repr(C)]
https://github.com/sfackler/rust-openssl/commit/01cc521c7ee12fb2a907b7b83e372974c3f7c2bf

From 01cc521c7ee12fb2a907b7b83e372974c3f7c2bf Mon Sep 17 00:00:00 2001
From: Theo Buehler <tb@openbsd.org>
Date: Sat, 21 Oct 2023 00:24:12 +0200
Subject: [PATCH] Enable SHA-3 for LibreSSL 3.8.0

---
 openssl-sys/build/cfgs.rs          |  3 +++
 openssl-sys/src/handwritten/evp.rs |  8 ++++----
 openssl-sys/src/obj_mac.rs         |  8 ++++++++
 openssl/build.rs                   |  3 +++
 openssl/src/hash.rs                | 16 ++++++++--------
 openssl/src/md.rs                  |  8 ++++----
 openssl/src/nid.rs                 |  8 ++++----
 7 files changed, 34 insertions(+), 20 deletions(-)

diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
index ac7fe28596..2454ef66a4 100644
--- vendor/openssl-sys/build/cfgs.rs
+++ vendor/openssl-sys/build/cfgs.rs
@@ -53,6 +53,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
         if libressl_version >= 0x3_07_00_00_0 {
             cfgs.push("libressl370");
         }
+        if libressl_version >= 0x3_08_00_00_0 {
+            cfgs.push("libressl380");
+        }
         if libressl_version >= 0x3_08_01_00_0 {
             cfgs.push("libressl381");
         }
diff --git a/openssl-sys/src/handwritten/evp.rs b/openssl-sys/src/handwritten/evp.rs
index 5a112fe8a1..87deae2ac9 100644
--- vendor/openssl-sys/src/handwritten/evp.rs
+++ vendor/openssl-sys/src/handwritten/evp.rs
@@ -294,13 +294,13 @@ extern "C" {
     pub fn EVP_sha256() -> *const EVP_MD;
     pub fn EVP_sha384() -> *const EVP_MD;
     pub fn EVP_sha512() -> *const EVP_MD;
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn EVP_sha3_224() -> *const EVP_MD;
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn EVP_sha3_256() -> *const EVP_MD;
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn EVP_sha3_384() -> *const EVP_MD;
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn EVP_sha3_512() -> *const EVP_MD;
     #[cfg(ossl111)]
     pub fn EVP_shake128() -> *const EVP_MD;
diff --git a/openssl-sys/src/obj_mac.rs b/openssl-sys/src/obj_mac.rs
index 1b24c3cbd8..93aa5cdff9 100644
--- vendor/openssl-sys/src/obj_mac.rs
+++ vendor/openssl-sys/src/obj_mac.rs
@@ -976,12 +976,20 @@ pub const NID_sm4_ctr: c_int = 1139;
 pub const NID_sm4_ctr: c_int = 979;
 #[cfg(ossl111)]
 pub const NID_sha3_224: c_int = 1096;
+#[cfg(libressl380)]
+pub const NID_sha3_224: c_int = 1031;
 #[cfg(ossl111)]
 pub const NID_sha3_256: c_int = 1097;
+#[cfg(libressl380)]
+pub const NID_sha3_256: c_int = 1032;
 #[cfg(ossl111)]
 pub const NID_sha3_384: c_int = 1098;
+#[cfg(libressl380)]
+pub const NID_sha3_384: c_int = 1033;
 #[cfg(ossl111)]
 pub const NID_sha3_512: c_int = 1099;
+#[cfg(libressl380)]
+pub const NID_sha3_512: c_int = 1034;
 #[cfg(ossl111)]
 pub const NID_shake128: c_int = 1100;
 #[cfg(ossl111)]
diff --git a/openssl/build.rs b/openssl/build.rs
index 4a5b6289ae..93ef534d27 100644
--- vendor/openssl/build.rs
+++ vendor/openssl/build.rs
@@ -66,6 +66,9 @@ fn main() {
         if version >= 0x3_07_00_00_0 {
             println!("cargo:rustc-cfg=libressl370");
         }
+        if version >= 0x3_08_00_00_0 {
+            println!("cargo:rustc-cfg=libressl380");
+        }
     }
 
     if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
diff --git a/openssl/src/hash.rs b/openssl/src/hash.rs
index 7592758101..9fa9ef3e37 100644
--- vendor/openssl/src/hash.rs
+++ vendor/openssl/src/hash.rs
@@ -127,22 +127,22 @@ impl MessageDigest {
         unsafe { MessageDigest(ffi::EVP_sha512()) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn sha3_224() -> MessageDigest {
         unsafe { MessageDigest(ffi::EVP_sha3_224()) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn sha3_256() -> MessageDigest {
         unsafe { MessageDigest(ffi::EVP_sha3_256()) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn sha3_384() -> MessageDigest {
         unsafe { MessageDigest(ffi::EVP_sha3_384()) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub fn sha3_512() -> MessageDigest {
         unsafe { MessageDigest(ffi::EVP_sha3_512()) }
     }
@@ -624,7 +624,7 @@ mod tests {
         );
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[test]
     fn test_sha3_224() {
         let tests = [(
@@ -644,7 +644,7 @@ mod tests {
         );
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[test]
     fn test_sha3_256() {
         let tests = [(
@@ -664,7 +664,7 @@ mod tests {
         );
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[test]
     fn test_sha3_384() {
         let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
@@ -684,7 +684,7 @@ mod tests {
         );
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[test]
     fn test_sha3_512() {
         let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
diff --git a/openssl/src/md.rs b/openssl/src/md.rs
index 8f191afebe..08e4aacf3e 100644
--- vendor/openssl/src/md.rs
+++ vendor/openssl/src/md.rs
@@ -150,25 +150,25 @@ impl Md {
         unsafe { MdRef::from_ptr(ffi::EVP_sha512() as *mut _) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[inline]
     pub fn sha3_224() -> &'static MdRef {
         unsafe { MdRef::from_ptr(ffi::EVP_sha3_224() as *mut _) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[inline]
     pub fn sha3_256() -> &'static MdRef {
         unsafe { MdRef::from_ptr(ffi::EVP_sha3_256() as *mut _) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[inline]
     pub fn sha3_384() -> &'static MdRef {
         unsafe { MdRef::from_ptr(ffi::EVP_sha3_384() as *mut _) }
     }
 
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     #[inline]
     pub fn sha3_512() -> &'static MdRef {
         unsafe { MdRef::from_ptr(ffi::EVP_sha3_512() as *mut _) }
diff --git a/openssl/src/nid.rs b/openssl/src/nid.rs
index 91fcdeca9d..a78d0e660c 100644
--- vendor/openssl/src/nid.rs
+++ vendor/openssl/src/nid.rs
@@ -1078,13 +1078,13 @@ impl Nid {
     pub const SM2: Nid = Nid(ffi::NID_sm2);
     #[cfg(any(ossl111, libressl291))]
     pub const SM3: Nid = Nid(ffi::NID_sm3);
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub const SHA3_224: Nid = Nid(ffi::NID_sha3_224);
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub const SHA3_256: Nid = Nid(ffi::NID_sha3_256);
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub const SHA3_384: Nid = Nid(ffi::NID_sha3_384);
-    #[cfg(ossl111)]
+    #[cfg(any(ossl111, libressl380))]
     pub const SHA3_512: Nid = Nid(ffi::NID_sha3_512);
     #[cfg(ossl111)]
     pub const SHAKE128: Nid = Nid(ffi::NID_shake128);
https://github.com/sfackler/rust-openssl/commit/6f6e5c4f02c370c594ccf404a4a67e366d26ad1c

From 6f6e5c4f02c370c594ccf404a4a67e366d26ad1c Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Thu, 2 Nov 2023 21:50:11 -0700
Subject: [PATCH] fixes #2050 -- build and test on libressl 3.8.2

---
 openssl-sys/build/main.rs | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs
index cd732ca46a..bbee7c5c0d 100644
--- vendor/openssl-sys/build/main.rs
+++ vendor/openssl-sys/build/main.rs
@@ -292,6 +292,7 @@ See rust-openssl documentation for more information:
             (3, 7, _) => ('3', '7', 'x'),
             (3, 8, 0) => ('3', '8', '0'),
             (3, 8, 1) => ('3', '8', '1'),
+            (3, 8, _) => ('3', '8', 'x'),
             _ => version_error(),
         };
 
From 8a4db4b25154bf3b7fc7b123af4e7787ef9a13e2 Mon Sep 17 00:00:00 2001
From: Theo Buehler <tb@openbsd.org>
Date: Sat, 9 Dec 2023 19:24:59 +0100
Subject: [PATCH 1/2] X509_PURPOSE_get0() will return a const pointer

---
 openssl-sys/build/cfgs.rs           | 3 +++
 openssl-sys/src/handwritten/x509.rs | 4 +---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
index 2454ef66a4..91cb734c34 100644
--- vendor/openssl-sys/build/cfgs.rs
+++ vendor/openssl-sys/build/cfgs.rs
@@ -62,6 +62,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
         if libressl_version >= 0x3_08_02_00_0 {
             cfgs.push("libressl382");
         }
+        if libressl_version >= 0x3_09_00_00_0 {
+            cfgs.push("libressl390");
+        }
     } else {
         let openssl_version = openssl_version.unwrap();
 
diff --git a/openssl-sys/src/handwritten/x509.rs b/openssl-sys/src/handwritten/x509.rs
index a93142cd2a..107e8182d1 100644
--- vendor/openssl-sys/src/handwritten/x509.rs
+++ vendor/openssl-sys/src/handwritten/x509.rs
@@ -700,10 +700,8 @@ pub struct X509_PURPOSE {
 const_ptr_api! {
     extern "C" {
         pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int;
+        pub fn X509_PURPOSE_get0(idx: c_int) -> #[const_ptr_if(libressl390)] X509_PURPOSE;
     }
-}
-extern "C" {
-    pub fn X509_PURPOSE_get0(idx: c_int) -> *mut X509_PURPOSE;
 }
 
 extern "C" {
From 4d83202cb5a911c05e58aa1cc53d5556a3bd0c32 Mon Sep 17 00:00:00 2001
From: Theo Buehler <tb@openbsd.org>
Date: Sat, 9 Dec 2023 19:27:37 +0100
Subject: [PATCH 2/2] X509V3_EXT_add_alias() will be removed

---
 openssl-sys/src/handwritten/x509v3.rs | 1 +
 openssl/build.rs                      | 3 +++
 openssl/src/x509/mod.rs               | 1 +
 3 files changed, 5 insertions(+)

diff --git a/openssl-sys/src/handwritten/x509v3.rs b/openssl-sys/src/handwritten/x509v3.rs
index 2f59bf6663..1a548c0e25 100644
--- vendor/openssl-sys/src/handwritten/x509v3.rs
+++ vendor/openssl-sys/src/handwritten/x509v3.rs
@@ -84,6 +84,7 @@ const_ptr_api! {
 }
 
 extern "C" {
+    #[cfg(not(libressl390))]
     pub fn X509V3_EXT_add_alias(nid_to: c_int, nid_from: c_int) -> c_int;
     pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void;
     pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION;
diff --git a/openssl/build.rs b/openssl/build.rs
index 87a9fa06f5..7677abc086 100644
--- vendor/openssl/build.rs
+++ vendor/openssl/build.rs
@@ -72,6 +72,9 @@ fn main() {
         if version >= 0x3_08_02_00_0 {
             println!("cargo:rustc-cfg=libressl382");
         }
+        if version >= 0x3_09_00_00_0 {
+            println!("cargo:rustc-cfg=libressl390");
+        }
     }
 
     if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index c918fed667..115193ee05 100644
--- vendor/openssl/src/x509/mod.rs
+++ vendor/openssl/src/x509/mod.rs
@@ -1018,6 +1018,7 @@ impl X509Extension {
     /// # Safety
     ///
     /// This method modifies global state without locking and therefore is not thread safe
+    #[cfg(not(libressl390))]
     #[corresponds(X509V3_EXT_add_alias)]
     #[deprecated(
         note = "Use x509::extension types or new_from_der and then this is not necessary",

Return to bug 266670

Added Link Here

(-)b/lang/rust/files/patch-libressl (-1 / +431 lines)
0	-	1	https://github.com/sfackler/rust-openssl/commit/fc1ca1f6c7251e79e51284d10bb2310eda7f9355
		2
		3	From fc1ca1f6c7251e79e51284d10bb2310eda7f9355 Mon Sep 17 00:00:00 2001
		4	From: Alex Gaynor <alex.gaynor@gmail.com>
		5	Date: Fri, 1 Sep 2023 08:51:22 -0400
		6	Subject: [PATCH] LibreSSL 3.8.1 support
		7
		8	---
		9	openssl-sys/build/cfgs.rs \| 3 +++
		10	openssl-sys/build/main.rs \| 5 +++--
		11	openssl-sys/src/crypto.rs \| 2 +-
		12	4 files changed, 8 insertions(+), 4 deletions(-)
		13
		14	diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
		15	index 2f3ff3eafd..34a58f7d68 100644
		16	--- vendor/openssl-sys/build/cfgs.rs
		17	+++ vendor/openssl-sys/build/cfgs.rs
		18	@@ -53,6 +53,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
		19	if libressl_version >= 0x3_07_00_00_0 {
		20	cfgs.push("libressl370");
		21	}
		22	+ if libressl_version >= 0x3_08_01_00_0 {
		23	+ cfgs.push("libressl381");
		24	+ }
		25	} else {
		26	let openssl_version = openssl_version.unwrap();
		27
		28	diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs
		29	index 21ccf3d037..82013b6c7d 100644
		30	--- vendor/openssl-sys/build/main.rs
		31	+++ vendor/openssl-sys/build/main.rs
		32	@@ -273,6 +273,7 @@ See rust-openssl documentation for more information:
		33	(3, 7, 1) => ('3', '7', '1'),
		34	(3, 7, _) => ('3', '7', 'x'),
		35	(3, 8, 0) => ('3', '8', '0'),
		36	+ (3, 8, 1) => ('3', '8', '1'),
		37	_ => version_error(),
		38	};
		39
		40	@@ -314,8 +315,8 @@ fn version_error() -> ! {
		41	panic!(
		42	"
		43
		44	-This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3.0.0), or LibreSSL 2.5
		45	-through 3.8.0, but a different version of OpenSSL was found. The build is now aborting
		46	+This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3), or LibreSSL 2.5
		47	+through 3.8.1, but a different version of OpenSSL was found. The build is now aborting
		48	due to this version mismatch.
		49
		50	"
		51	diff --git a/openssl-sys/src/crypto.rs b/openssl-sys/src/crypto.rs
		52	index 35be07eada..bdc0add156 100644
		53	--- vendor/openssl-sys/src/crypto.rs
		54	+++ vendor/openssl-sys/src/crypto.rs
		55	@@ -106,7 +106,7 @@ pub const CRYPTO_LOCK_SSL_CTX: c_int = 12;
		56	pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14;
		57
		58	cfg_if! {
		59	- if #[cfg(ossl110)] {
		60	+ if #[cfg(any(ossl110, libressl381))] {
		61	pub const CRYPTO_EX_INDEX_SSL: c_int = 0;
		62	pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1;
		63	} else if #[cfg(libressl)] {
		64	https://github.com/sfackler/rust-openssl/commit/35c8e90b76d0f7a0b4064a0299d2fc529f9707a3
		65
66	From 35c8e90b76d0f7a0b4064a0299d2fc529f9707a3 Mon Sep 17 00:00:00 2001
67	From: Theo Buehler <tb@openbsd.org>
68	Date: Fri, 20 Oct 2023 01:33:10 +0200
69	Subject: [PATCH] Make X509_ALGOR opaque for LibreSSL
70
71	The struct is still public because that is also the case in OpenSSL, but
72	it should no longer be accessed directly.
73	---
74	openssl-sys/build/cfgs.rs \| 3 +++
75	openssl-sys/src/handwritten/types.rs \| 2 +-
76	2 files changed, 4 insertions(+), 1 deletion(-)
77
78	diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
79	index 8ee6f62373..ac7fe28596 100644
80	--- vendor/openssl-sys/build/cfgs.rs
81	+++ vendor/openssl-sys/build/cfgs.rs
82	@@ -56,6 +56,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
83	if libressl_version >= 0x3_08_01_00_0 {
84	cfgs.push("libressl381");
85	}
86	+ if libressl_version >= 0x3_08_02_00_0 {
87	+ cfgs.push("libressl382");
88	+ }
89	} else {
90	let openssl_version = openssl_version.unwrap();
91
92	diff --git a/openssl-sys/src/handwritten/types.rs b/openssl-sys/src/handwritten/types.rs
93	index 06354728f2..a03a878305 100644
94	--- vendor/openssl-sys/src/handwritten/types.rs
95	+++ vendor/openssl-sys/src/handwritten/types.rs
96	@@ -329,7 +329,7 @@ cfg_if! {
97	}
98	}
99	cfg_if! {
100	- if #[cfg(ossl110)] {
101	+ if #[cfg(any(ossl110, libressl382))] {
102	pub enum X509_ALGOR {}
103	} else {
104	#[repr(C)]
105	https://github.com/sfackler/rust-openssl/commit/01cc521c7ee12fb2a907b7b83e372974c3f7c2bf
106
107	From 01cc521c7ee12fb2a907b7b83e372974c3f7c2bf Mon Sep 17 00:00:00 2001
108	From: Theo Buehler <tb@openbsd.org>
109	Date: Sat, 21 Oct 2023 00:24:12 +0200
110	Subject: [PATCH] Enable SHA-3 for LibreSSL 3.8.0
111
112	---
113	openssl-sys/build/cfgs.rs \| 3 +++
114	openssl-sys/src/handwritten/evp.rs \| 8 ++++----
115	openssl-sys/src/obj_mac.rs \| 8 ++++++++
116	openssl/build.rs \| 3 +++
117	openssl/src/hash.rs \| 16 ++++++++--------
118	openssl/src/md.rs \| 8 ++++----
119	openssl/src/nid.rs \| 8 ++++----
120	7 files changed, 34 insertions(+), 20 deletions(-)
121
122	diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
123	index ac7fe28596..2454ef66a4 100644
124	--- vendor/openssl-sys/build/cfgs.rs
125	+++ vendor/openssl-sys/build/cfgs.rs
126	@@ -53,6 +53,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
127	if libressl_version >= 0x3_07_00_00_0 {
128	cfgs.push("libressl370");
129	}
130	+ if libressl_version >= 0x3_08_00_00_0 {
131	+ cfgs.push("libressl380");
132	+ }
133	if libressl_version >= 0x3_08_01_00_0 {
134	cfgs.push("libressl381");
135	}
136	diff --git a/openssl-sys/src/handwritten/evp.rs b/openssl-sys/src/handwritten/evp.rs
137	index 5a112fe8a1..87deae2ac9 100644
138	--- vendor/openssl-sys/src/handwritten/evp.rs
139	+++ vendor/openssl-sys/src/handwritten/evp.rs
140	@@ -294,13 +294,13 @@ extern "C" {
141	pub fn EVP_sha256() -> *const EVP_MD;
142	pub fn EVP_sha384() -> *const EVP_MD;
143	pub fn EVP_sha512() -> *const EVP_MD;
144	- #[cfg(ossl111)]
145	+ #[cfg(any(ossl111, libressl380))]
146	pub fn EVP_sha3_224() -> *const EVP_MD;
147	- #[cfg(ossl111)]
148	+ #[cfg(any(ossl111, libressl380))]
149	pub fn EVP_sha3_256() -> *const EVP_MD;
150	- #[cfg(ossl111)]
151	+ #[cfg(any(ossl111, libressl380))]
152	pub fn EVP_sha3_384() -> *const EVP_MD;
153	- #[cfg(ossl111)]
154	+ #[cfg(any(ossl111, libressl380))]
155	pub fn EVP_sha3_512() -> *const EVP_MD;
156	#[cfg(ossl111)]
157	pub fn EVP_shake128() -> *const EVP_MD;
158	diff --git a/openssl-sys/src/obj_mac.rs b/openssl-sys/src/obj_mac.rs
159	index 1b24c3cbd8..93aa5cdff9 100644
160	--- vendor/openssl-sys/src/obj_mac.rs
161	+++ vendor/openssl-sys/src/obj_mac.rs
162	@@ -976,12 +976,20 @@ pub const NID_sm4_ctr: c_int = 1139;
163	pub const NID_sm4_ctr: c_int = 979;
164	#[cfg(ossl111)]
165	pub const NID_sha3_224: c_int = 1096;
166	+#[cfg(libressl380)]
167	+pub const NID_sha3_224: c_int = 1031;
168	#[cfg(ossl111)]
169	pub const NID_sha3_256: c_int = 1097;
170	+#[cfg(libressl380)]
171	+pub const NID_sha3_256: c_int = 1032;
172	#[cfg(ossl111)]
173	pub const NID_sha3_384: c_int = 1098;
174	+#[cfg(libressl380)]
175	+pub const NID_sha3_384: c_int = 1033;
176	#[cfg(ossl111)]
177	pub const NID_sha3_512: c_int = 1099;
178	+#[cfg(libressl380)]
179	+pub const NID_sha3_512: c_int = 1034;
180	#[cfg(ossl111)]
181	pub const NID_shake128: c_int = 1100;
182	#[cfg(ossl111)]
183	diff --git a/openssl/build.rs b/openssl/build.rs
184	index 4a5b6289ae..93ef534d27 100644
185	--- vendor/openssl/build.rs
186	+++ vendor/openssl/build.rs
187	@@ -66,6 +66,9 @@ fn main() {
188	if version >= 0x3_07_00_00_0 {
189	println!("cargo:rustc-cfg=libressl370");
190	}
191	+ if version >= 0x3_08_00_00_0 {
192	+ println!("cargo:rustc-cfg=libressl380");
193	+ }
194	}
195
196	if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
197	diff --git a/openssl/src/hash.rs b/openssl/src/hash.rs
198	index 7592758101..9fa9ef3e37 100644
199	--- vendor/openssl/src/hash.rs
200	+++ vendor/openssl/src/hash.rs
201	@@ -127,22 +127,22 @@ impl MessageDigest {
202	unsafe { MessageDigest(ffi::EVP_sha512()) }
203	}
204
205	- #[cfg(ossl111)]
206	+ #[cfg(any(ossl111, libressl380))]
207	pub fn sha3_224() -> MessageDigest {
208	unsafe { MessageDigest(ffi::EVP_sha3_224()) }
209	}
210
211	- #[cfg(ossl111)]
212	+ #[cfg(any(ossl111, libressl380))]
213	pub fn sha3_256() -> MessageDigest {
214	unsafe { MessageDigest(ffi::EVP_sha3_256()) }
215	}
216
217	- #[cfg(ossl111)]
218	+ #[cfg(any(ossl111, libressl380))]
219	pub fn sha3_384() -> MessageDigest {
220	unsafe { MessageDigest(ffi::EVP_sha3_384()) }
221	}
222
223	- #[cfg(ossl111)]
224	+ #[cfg(any(ossl111, libressl380))]
225	pub fn sha3_512() -> MessageDigest {
226	unsafe { MessageDigest(ffi::EVP_sha3_512()) }
227	}
228	@@ -624,7 +624,7 @@ mod tests {
229	);
230	}
231
232	- #[cfg(ossl111)]
233	+ #[cfg(any(ossl111, libressl380))]
234	#[test]
235	fn test_sha3_224() {
236	let tests = [(
237	@@ -644,7 +644,7 @@ mod tests {
238	);
239	}
240
241	- #[cfg(ossl111)]
242	+ #[cfg(any(ossl111, libressl380))]
243	#[test]
244	fn test_sha3_256() {
245	let tests = [(
246	@@ -664,7 +664,7 @@ mod tests {
247	);
248	}
249
250	- #[cfg(ossl111)]
251	+ #[cfg(any(ossl111, libressl380))]
252	#[test]
253	fn test_sha3_384() {
254	let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
255	@@ -684,7 +684,7 @@ mod tests {
256	);
257	}
258
259	- #[cfg(ossl111)]
260	+ #[cfg(any(ossl111, libressl380))]
261	#[test]
262	fn test_sha3_512() {
263	let tests = [("416c6c20796f75722062617365206172652062656c6f6e6720746f207573",
264	diff --git a/openssl/src/md.rs b/openssl/src/md.rs
265	index 8f191afebe..08e4aacf3e 100644
266	--- vendor/openssl/src/md.rs
267	+++ vendor/openssl/src/md.rs
268	@@ -150,25 +150,25 @@ impl Md {
269	unsafe { MdRef::from_ptr(ffi::EVP_sha512() as *mut _) }
270	}
271
272	- #[cfg(ossl111)]
273	+ #[cfg(any(ossl111, libressl380))]
274	#[inline]
275	pub fn sha3_224() -> &'static MdRef {
276	unsafe { MdRef::from_ptr(ffi::EVP_sha3_224() as *mut _) }
277	}
278
279	- #[cfg(ossl111)]
280	+ #[cfg(any(ossl111, libressl380))]
281	#[inline]
282	pub fn sha3_256() -> &'static MdRef {
283	unsafe { MdRef::from_ptr(ffi::EVP_sha3_256() as *mut _) }
284	}
285
286	- #[cfg(ossl111)]
287	+ #[cfg(any(ossl111, libressl380))]
288	#[inline]
289	pub fn sha3_384() -> &'static MdRef {
290	unsafe { MdRef::from_ptr(ffi::EVP_sha3_384() as *mut _) }
291	}
292
293	- #[cfg(ossl111)]
294	+ #[cfg(any(ossl111, libressl380))]
295	#[inline]
296	pub fn sha3_512() -> &'static MdRef {
297	unsafe { MdRef::from_ptr(ffi::EVP_sha3_512() as *mut _) }
298	diff --git a/openssl/src/nid.rs b/openssl/src/nid.rs
299	index 91fcdeca9d..a78d0e660c 100644
300	--- vendor/openssl/src/nid.rs
301	+++ vendor/openssl/src/nid.rs
302	@@ -1078,13 +1078,13 @@ impl Nid {
303	pub const SM2: Nid = Nid(ffi::NID_sm2);
304	#[cfg(any(ossl111, libressl291))]
305	pub const SM3: Nid = Nid(ffi::NID_sm3);
306	- #[cfg(ossl111)]
307	+ #[cfg(any(ossl111, libressl380))]
308	pub const SHA3_224: Nid = Nid(ffi::NID_sha3_224);
309	- #[cfg(ossl111)]
310	+ #[cfg(any(ossl111, libressl380))]
311	pub const SHA3_256: Nid = Nid(ffi::NID_sha3_256);
312	- #[cfg(ossl111)]
313	+ #[cfg(any(ossl111, libressl380))]
314	pub const SHA3_384: Nid = Nid(ffi::NID_sha3_384);
315	- #[cfg(ossl111)]
316	+ #[cfg(any(ossl111, libressl380))]
317	pub const SHA3_512: Nid = Nid(ffi::NID_sha3_512);
318	#[cfg(ossl111)]
319	pub const SHAKE128: Nid = Nid(ffi::NID_shake128);
320	https://github.com/sfackler/rust-openssl/commit/6f6e5c4f02c370c594ccf404a4a67e366d26ad1c
321
322	From 6f6e5c4f02c370c594ccf404a4a67e366d26ad1c Mon Sep 17 00:00:00 2001
323	From: Alex Gaynor <alex.gaynor@gmail.com>
324	Date: Thu, 2 Nov 2023 21:50:11 -0700
325	Subject: [PATCH] fixes #2050 -- build and test on libressl 3.8.2
326
327	---
328	openssl-sys/build/main.rs \| 1 +
329	2 files changed, 3 insertions(+), 2 deletions(-)
330
331	diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs
332	index cd732ca46a..bbee7c5c0d 100644
333	--- vendor/openssl-sys/build/main.rs
334	+++ vendor/openssl-sys/build/main.rs
335	@@ -292,6 +292,7 @@ See rust-openssl documentation for more information:
336	(3, 7, _) => ('3', '7', 'x'),
337	(3, 8, 0) => ('3', '8', '0'),
338	(3, 8, 1) => ('3', '8', '1'),
339	+ (3, 8, _) => ('3', '8', 'x'),
340	_ => version_error(),
341	};
342
343	From 8a4db4b25154bf3b7fc7b123af4e7787ef9a13e2 Mon Sep 17 00:00:00 2001
344	From: Theo Buehler <tb@openbsd.org>
345	Date: Sat, 9 Dec 2023 19:24:59 +0100
346	Subject: [PATCH 1/2] X509_PURPOSE_get0() will return a const pointer
347
348	---
349	openssl-sys/build/cfgs.rs \| 3 +++
350	openssl-sys/src/handwritten/x509.rs \| 4 +---
351	2 files changed, 4 insertions(+), 3 deletions(-)
352
353	diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs
354	index 2454ef66a4..91cb734c34 100644
355	--- vendor/openssl-sys/build/cfgs.rs
356	+++ vendor/openssl-sys/build/cfgs.rs
357	@@ -62,6 +62,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
358	if libressl_version >= 0x3_08_02_00_0 {
359	cfgs.push("libressl382");
360	}
361	+ if libressl_version >= 0x3_09_00_00_0 {
362	+ cfgs.push("libressl390");
363	+ }
364	} else {
365	let openssl_version = openssl_version.unwrap();
366
367	diff --git a/openssl-sys/src/handwritten/x509.rs b/openssl-sys/src/handwritten/x509.rs
368	index a93142cd2a..107e8182d1 100644
369	--- vendor/openssl-sys/src/handwritten/x509.rs
370	+++ vendor/openssl-sys/src/handwritten/x509.rs
371	@@ -700,10 +700,8 @@ pub struct X509_PURPOSE {
372	const_ptr_api! {
373	extern "C" {
374	pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int;
375	+ pub fn X509_PURPOSE_get0(idx: c_int) -> #[const_ptr_if(libressl390)] X509_PURPOSE;
376	}
377	-}
378	-extern "C" {
379	- pub fn X509_PURPOSE_get0(idx: c_int) -> *mut X509_PURPOSE;
380	}
381
382	extern "C" {
383	From 4d83202cb5a911c05e58aa1cc53d5556a3bd0c32 Mon Sep 17 00:00:00 2001
384	From: Theo Buehler <tb@openbsd.org>
385	Date: Sat, 9 Dec 2023 19:27:37 +0100
386	Subject: [PATCH 2/2] X509V3_EXT_add_alias() will be removed
387
388	---
389	openssl-sys/src/handwritten/x509v3.rs \| 1 +
390	openssl/build.rs \| 3 +++
391	openssl/src/x509/mod.rs \| 1 +
392	3 files changed, 5 insertions(+)
393
394	diff --git a/openssl-sys/src/handwritten/x509v3.rs b/openssl-sys/src/handwritten/x509v3.rs
395	index 2f59bf6663..1a548c0e25 100644
396	--- vendor/openssl-sys/src/handwritten/x509v3.rs
397	+++ vendor/openssl-sys/src/handwritten/x509v3.rs
398	@@ -84,6 +84,7 @@ const_ptr_api! {
399	}
400
401	extern "C" {
402	+ #[cfg(not(libressl390))]
403	pub fn X509V3_EXT_add_alias(nid_to: c_int, nid_from: c_int) -> c_int;
404	pub fn X509V3_EXT_d2i(ext: mut X509_EXTENSION) -> mut c_void;
405	pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: mut c_void) -> mut X509_EXTENSION;
406	diff --git a/openssl/build.rs b/openssl/build.rs
407	index 87a9fa06f5..7677abc086 100644
408	--- vendor/openssl/build.rs
409	+++ vendor/openssl/build.rs
410	@@ -72,6 +72,9 @@ fn main() {
411	if version >= 0x3_08_02_00_0 {
412	println!("cargo:rustc-cfg=libressl382");
413	}
414	+ if version >= 0x3_09_00_00_0 {
415	+ println!("cargo:rustc-cfg=libressl390");
416	+ }
417	}
418
419	if let Ok(vars) = env::var("DEP_OPENSSL_CONF") {
420	diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
421	index c918fed667..115193ee05 100644
422	--- vendor/openssl/src/x509/mod.rs
423	+++ vendor/openssl/src/x509/mod.rs
424	@@ -1018,6 +1018,7 @@ impl X509Extension {
425	/// # Safety
426	///
427	/// This method modifies global state without locking and therefore is not thread safe
428	+ #[cfg(not(libressl390))]
429	#[corresponds(X509V3_EXT_add_alias)]
430	#[deprecated(
431	note = "Use x509::extension types or new_from_der and then this is not necessary",