[ruby/openssl] Require LibreSSL 3.9 or later

Drop support for LibreSSL 3.1-3.8. LibreSSL 3.8 has reached its EOL in 2024-10. https://github.com/ruby/openssl/commit/f33d611f9f
author: Kazuki Yamaguchi <[email protected]> 2025-01-08 01:55:56 +0900
committer: git <[email protected]> 2025-01-14 12:38:16 +0000
commit: 0fb64bda9bf16c36de3c4ca5f9d3aa8da5d39ee2 (patch)
tree: fa94c34070910983bbf0d00a71ef6d9e08a5a4dc /ext/openssl/ossl_x509store.c
parent: 4f79485889bc9c782474c9dd32d5b916376fd0ec (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index 214a3057de..c99ed8f4a3 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -365,12 +365,12 @@ ossl_x509store_add_file(VALUE self, VALUE file)
         ossl_raise(eX509StoreError, "X509_STORE_add_lookup");
     if (X509_LOOKUP_load_file(lookup, path, X509_FILETYPE_PEM) != 1)
         ossl_raise(eX509StoreError, "X509_LOOKUP_load_file");
-#if OPENSSL_VERSION_NUMBER < 0x10101000 || defined(LIBRESSL_VERSION_NUMBER)
+#if !OSSL_OPENSSL_PREREQ(1, 1, 1) && !OSSL_IS_LIBRESSL
     /*
      * X509_load_cert_crl_file() which is called from X509_LOOKUP_load_file()
      * did not check the return value of X509_STORE_add_{cert,crl}(), leaking
      * "cert already in hash table" errors on the error queue, if duplicate
-     * certificates are found. This will be fixed by OpenSSL 1.1.1.
+     * certificates are found. Fixed by OpenSSL 1.1.1 and LibreSSL 3.5.0.
      */
     ossl_clear_error();
 #endif
author	Kazuki Yamaguchi <[email protected]>	2025-01-08 01:55:56 +0900
committer	git <[email protected]>	2025-01-14 12:38:16 +0000
commit	0fb64bda9bf16c36de3c4ca5f9d3aa8da5d39ee2 (patch)
tree	fa94c34070910983bbf0d00a71ef6d9e08a5a4dc /ext/openssl/ossl_x509store.c
parent	4f79485889bc9c782474c9dd32d5b916376fd0ec (diff)