openssl3: init at 3.0.0

Signed-off-by: Arthur Gautier <baloo@superbaloo.net>

pkgs/development/libraries/openssl/3.0/nix-ssl-cert-file.patch

@@ -0,0 +1,15 @@
+diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
+index 37d73ca84c..e328896234 100644
+--- a/crypto/x509/by_file.c
++++ b/crypto/x509/by_file.c
+@@ -54,7 +54,9 @@ static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
+     switch (cmd) {
+     case X509_L_FILE_LOAD:
+         if (argl == X509_FILETYPE_DEFAULT) {
+-            file = ossl_safe_getenv(X509_get_default_cert_file_env());
++            file = ossl_safe_getenv("NIX_SSL_CERT_FILE");
++            if (!file)
++                file = ossl_safe_getenv(X509_get_default_cert_file_env());
+             if (file)
+                 ok = (X509_load_cert_crl_file_ex(ctx, file, X509_FILETYPE_PEM,
+                                                  libctx, propq) != 0);

pkgs/development/libraries/openssl/default.nix

@@ -198,11 +198,23 @@ in {
       ./1.1/nix-ssl-cert-file.patch
 
       (if stdenv.hostPlatform.isDarwin
-       then ./1.1/use-etc-ssl-certs-darwin.patch
+       then ./use-etc-ssl-certs-darwin.patch
-       else ./1.1/use-etc-ssl-certs.patch)
+       else ./use-etc-ssl-certs.patch)
     ] ++ lib.optionals (stdenv.isDarwin) [
       ./1.1/macos-yosemite-compat.patch
     ];
     withDocs = true;
   };
+
+  openssl_3_0 = common {
+    version = "3.0.0";
+    sha256 = "sha256-We7fy0bCUhTJvTftYHgpe03wHQEiZ/6enu4x9hvHBTY=";
+    patches = [
+      ./3.0/nix-ssl-cert-file.patch
+      (if stdenv.hostPlatform.isDarwin
+       then ./use-etc-ssl-certs-darwin.patch
+       else ./use-etc-ssl-certs.patch)
+    ];
+    withDocs = true;
+  };
 }

pkgs/top-level/all-packages.nix

@@ -18176,7 +18176,8 @@ with pkgs;
 
   inherit (callPackages ../development/libraries/openssl { })
     openssl_1_0_2
-    openssl_1_1;
+    openssl_1_1
+    openssl_3_0;
 
   openssl-chacha = callPackage ../development/libraries/openssl/chacha.nix { };