From bc19c84df47e7853f688a45385c0913fbde40f22 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 17 Mar 2025 11:18:16 +0000
Subject: [PATCH 1/2] build(deps): bump rustls from 0.23.23 to 0.23.24

Bumps [rustls](https://github.com/rustls/rustls) from 0.23.23 to 0.23.24.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.23...v/0.23.24)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Cargo.lock | 8 ++++----
 Cargo.toml | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index ad5c151..2517597 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -465,9 +465,9 @@ dependencies = [
 
 [[package]]
 name = "rustls"
-version = "0.23.23"
+version = "0.23.24"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "47796c98c480fce5406ef69d1c76378375492c3b0a0de587be0c1d9feb12f395"
+checksum = "96bf61953b1bc045820a2b947e6e9771c58c8c4b15242425b03f783ede1b34fe"
 dependencies = [
  "aws-lc-rs",
  "log",
@@ -497,9 +497,9 @@ checksum = "917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c"
 
 [[package]]
 name = "rustls-webpki"
-version = "0.102.8"
+version = "0.103.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "64ca1bc8749bd4cf37b5ce386cc146580777b4e8572c7b97baf22c83f444bee9"
+checksum = "0aa4eeac2588ffff23e9d7a7e9b3f971c5fb5b7ebc9452745e0c232c64f83b2f"
 dependencies = [
  "aws-lc-rs",
  "ring",
diff --git a/Cargo.toml b/Cargo.toml
index 07f9945..f1c5b05 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -14,4 +14,4 @@ env_logger = "0.11"
 log = "0.4"
 openssl-probe = "0.1"
 openssl-sys = "0.9"
-rustls = "0.23.14"
+rustls = "0.23.24"

From a79b565bcb366c18f2a886b79909414a09337edb Mon Sep 17 00:00:00 2001
From: Joe Birr-Pixton <jpixton@gmail.com>
Date: Mon, 17 Mar 2025 13:30:53 +0000
Subject: [PATCH 2/2] verifier: translate new `CertificateError` variants

---
 src/verifier.rs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/verifier.rs b/src/verifier.rs
index 770afbf..36c8cbe 100644
--- a/src/verifier.rs
+++ b/src/verifier.rs
@@ -287,15 +287,20 @@ fn translate_verify_result(result: &Result<(), Error>) -> i32 {
         Err(Error::InvalidCertificate(CertificateError::UnknownIssuer)) => {
             X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
         }
-        Err(Error::InvalidCertificate(CertificateError::NotValidYet)) => {
+        Err(Error::InvalidCertificate(CertificateError::NotValidYet))
+        | Err(Error::InvalidCertificate(CertificateError::NotValidYetContext { .. })) => {
             X509_V_ERR_CERT_NOT_YET_VALID
         }
-        Err(Error::InvalidCertificate(CertificateError::Expired)) => X509_V_ERR_CERT_HAS_EXPIRED,
+        Err(Error::InvalidCertificate(CertificateError::Expired))
+        | Err(Error::InvalidCertificate(CertificateError::ExpiredContext { .. })) => {
+            X509_V_ERR_CERT_HAS_EXPIRED
+        }
         Err(Error::InvalidCertificate(CertificateError::Revoked)) => X509_V_ERR_CERT_REVOKED,
         Err(Error::InvalidCertificate(CertificateError::InvalidPurpose)) => {
             X509_V_ERR_INVALID_PURPOSE
         }
-        Err(Error::InvalidCertificate(CertificateError::NotValidForName)) => {
+        Err(Error::InvalidCertificate(CertificateError::NotValidForName))
+        | Err(Error::InvalidCertificate(CertificateError::NotValidForNameContext { .. })) => {
             X509_V_ERR_HOSTNAME_MISMATCH
         }
         // TODO: more mappings can go here