https://bugs.gentoo.org/903001
https://github.com/notroj/neon/pull/113
https://github.com/notroj/neon/commit/18e868e4449cd46d494944ced798f9dcd01f65c5
https://github.com/notroj/neon/pull/116
https://github.com/notroj/neon/commit/231a1d3f3f427b823753dc2e53adcf9cafda619b
https://github.com/notroj/neon/pull/118
https://github.com/notroj/neon/commit/6f98a9c9bdd76fb3d367e3b01bcc45bea574c3d1

From 233f17b86ebc2cd99d9deede484f4b0be586730f Mon Sep 17 00:00:00 2001
From: orbea <orbea@riseup.net>
Date: Mon, 27 Mar 2023 14:58:49 -0700
Subject: [PATCH] ne_openssl: Fix the build with libressl

* Libressl 3.7 currently doesn't provide EVP_sha512_256().
* Libressl 3.4 added SSL_CTX_set_post_handshake_auth().
---
 src/ne_openssl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

From 392e1380e1fa07675934ed25e8980ae18d0bccb4 Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@redhat.com>
Date: Tue, 9 May 2023 16:26:55 +0100
Subject: [PATCH] * src/ne_openssl.c: Fix GCC warning with OpenSSL build.

---
 src/ne_openssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

From 1e9483dbb43e82dde06bc84434c8b7124602adbc Mon Sep 17 00:00:00 2001
From: orbea <orbea@riseup.net>
Date: Mon, 29 May 2023 10:07:52 -0700
Subject: [PATCH] ne_openssl: Update for LibreSSL 3.8.0

EVP_sha512_256() was added in LibreSSL 3.8.0.
---
 src/ne_openssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ne_openssl.c b/src/ne_openssl.c
index d13c25a..bdb73e9 100644
--- a/src/ne_openssl.c
+++ b/src/ne_openssl.c
@@ -581,7 +581,7 @@ ne_ssl_context *ne_ssl_context_create(int mode)
         /* enable workarounds for buggy SSL server implementations */
         SSL_CTX_set_options(ctx->ctx, SSL_OP_ALL);
         SSL_CTX_set_verify(ctx->ctx, SSL_VERIFY_PEER, verify_callback);
-#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10101000L
+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x3040000fL || (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10101000L)
         SSL_CTX_set_post_handshake_auth(ctx->ctx, 1);
 #endif
     } else if (mode == NE_SSL_CTX_SERVER) {
@@ -1122,7 +1122,9 @@ static const EVP_MD *hash_to_md(unsigned int flags)
     case NE_HASH_SHA256: return EVP_sha256();
 #ifdef HAVE_OPENSSL11
     case NE_HASH_SHA512: return EVP_sha512();
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x3080000fL
     case NE_HASH_SHA512_256: return EVP_sha512_256();
+#endif
 #endif
     default: break;
     }