From d19e6360ed3a9be27804b49fb6e7c8e64f59bfa1 Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Mon, 14 Aug 2023 16:02:42 +0200
Subject: [PATCH] Enhance printing OpenSSL versions.

* Updated the `OpenSSL::OPENSSL_VERSION_NUMBER` comment explaining the format.
* Added the `OpenSSL::LIBRESSL_VERSION_NUMBER` to print LibreSSL version number,
  in the case that Ruby OpenSSL binding is compiled with LibreSSL. Note
  `test/openssl/utils.rb#libressl?` is not using this value in it for now.
* Update `rake debug` to print the values in a readable way, adding
  `OpenSSL::OPENSSL_VERSION_NUMBER` and `OpenSSL::LIBRESSL_VERSION_NUMBER`.
---
 Rakefile           | 13 ++++++++++++-
 ext/openssl/ossl.c | 19 ++++++++++++++++++-
 2 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/Rakefile b/Rakefile
index ab708bd22..b1bee2ac0 100644
--- a/Rakefile
+++ b/Rakefile
@@ -38,7 +38,18 @@ task :debug_compiler do
 end
 
 task :debug do
-  ruby "-I./lib -ropenssl -ve'puts OpenSSL::OPENSSL_VERSION, OpenSSL::OPENSSL_LIBRARY_VERSION'"
+  ruby_code = <<~'EOF'
+    openssl_version_number_str = OpenSSL::OPENSSL_VERSION_NUMBER.to_s(16)
+    libressl_version_number_str = (defined? OpenSSL::LIBRESSL_VERSION_NUMBER) ?
+      OpenSSL::LIBRESSL_VERSION_NUMBER.to_s(16) : "undefined"
+    puts <<~MESSAGE
+      OpenSSL::OPENSSL_VERSION: #{OpenSSL::OPENSSL_VERSION}
+      OpenSSL::OPENSSL_LIBRARY_VERSION: #{OpenSSL::OPENSSL_LIBRARY_VERSION}
+      OpenSSL::OPENSSL_VERSION_NUMBER: #{openssl_version_number_str}
+      OpenSSL::LIBRESSL_VERSION_NUMBER: #{libressl_version_number_str}
+    MESSAGE
+  EOF
+  ruby %Q(-I./lib -ropenssl -ve'#{ruby_code}')
 end
 
 task :default => :test
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index e67832d46..e21d13722 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -1149,10 +1149,27 @@ Init_openssl(void)
 
     /*
      * Version number of OpenSSL the ruby OpenSSL extension was built with
-     * (base 16)
+     * (base 16). The formats are below.
+     *
+     * [OpenSSL 3] <tt>0xMNN00PP0 (major minor 00 patch 0)</tt>
+     * [OpenSSL before 3] <tt>0xMNNFFPPS (major minor fix patch status)</tt>
+     * [LibreSSL] <tt>0x20000000 (fixed value)</tt>
+     *
+     * See also the man page OPENSSL_VERSION_NUMBER(3).
      */
     rb_define_const(mOSSL, "OPENSSL_VERSION_NUMBER", INT2NUM(OPENSSL_VERSION_NUMBER));
 
+#if defined(LIBRESSL_VERSION_NUMBER)
+    /*
+     * Version number of LibreSSL the ruby OpenSSL extension was built with
+     * (base 16). The format is <tt>0xMNNFFPPS (major minor fix patch
+     * status)</tt>. This constant is only defined in LibreSSL cases.
+     *
+     * See also the man page OPENSSL_VERSION_NUMBER(3).
+     */
+    rb_define_const(mOSSL, "LIBRESSL_VERSION_NUMBER", INT2NUM(LIBRESSL_VERSION_NUMBER));
+#endif
+
     /*
      * Boolean indicating whether OpenSSL is FIPS-capable or not
      */