Build(deps): Update openssl requirement from ~> 3 to ~> 4

[dependabot]

Updates the requirements on openssl to permit the latest version.

Release notes

Sourced from openssl's releases.

v4.0.1

What's Changed

• cipher: remove incorrect assertion in Cipher#update by @​rhenium in ruby/openssl#991
• Improve Argument Error Message in EC:Group.new by @​aguspe in ruby/openssl#992
• Fix test_cipher.rb in FIPS. by @​junaruga in ruby/openssl#994
• Fix test_digest.rb in FIPS. by @​junaruga in ruby/openssl#995
• Use assert_ruby_status if no assertion by @​hsbt in ruby/openssl#999
• CI: Upgrade LibreSSL versions by @​junaruga in ruby/openssl#998
• Add sync_close kwarg to SSLSocket.new by @​noteflakes in ruby/openssl#996
• ssl: refactor errno access by @​rhenium in ruby/openssl#980
• ssl: update tests for SSLContext#servername_cb callback by @​rhenium in ruby/openssl#1001
• Fix test_pkcs12.rb in FIPS. by @​junaruga in ruby/openssl#997
• ocsp: fix uninitialized variables in BasicResponse#status by @​swhitt in ruby/openssl#1004
• Ruby/OpenSSL 4.0.1 by @​rhenium in ruby/openssl#1006

New Contributors

• @​aguspe made their first contribution in ruby/openssl#992
• @​noteflakes made their first contribution in ruby/openssl#996
• @​swhitt made their first contribution in ruby/openssl#1004

Full Changelog: ruby/openssl@v4.0.0...v4.0.1

Changelog

Sourced from openssl's changelog.

Version 4.0.1

Notable changes

• Add sync_close keyword argument to OpenSSL::SSL::SSLSocket.new as a short-hand for setting sync_close attribute on the created SSLSocket instance. [[GitHub #955]](ruby/openssl#955) [[GitHub #996]](ruby/openssl#996)

Bug fixes

• Fix uninitialized variables in OpenSSL::OCSP::BasicResponse#status. [[GitHub #1004]](ruby/openssl#1004)

Version 4.0.0

Compatibility

• Ruby >= 2.7
• OpenSSL >= 1.1.1, LibreSSL >= 3.9, and AWS-LC 1.66.0
  • Removed support for OpenSSL 1.0.2-1.1.0 and LibreSSL 3.1-3.8. [[GitHub #835]](ruby/openssl#835)
  • Added support for AWS-LC. [[GitHub #833]](ruby/openssl#833)

Notable changes

• OpenSSL::SSL
  • Reduce overhead when writing to OpenSSL::SSL::SSLSocket. #syswrite no longer creates a temporary String object. [[GitHub #831]](ruby/openssl#831)
  • Make OpenSSL::SSL::SSLContext#min_version= and #max_version= wrap the corresponding OpenSSL APIs directly, and remove the fallback to SSL options. [[GitHub #849]](ruby/openssl#849)
  • Add OpenSSL::SSL::SSLContext#sigalgs= and #client_sigalgs= for specifying signature algorithms to use for connections. [[GitHub #895]](ruby/openssl#895)
  • Rename OpenSSL::SSL::SSLContext#ecdh_curves= to #groups= following the underlying OpenSSL API rename. This method is no longer specific to ECDHE. The old method remains as an alias.

... (truncated)

Commits

• 38a1a4a Ruby/OpenSSL 4.0.1
• ff90193 Merge pull request #1003 from ruby/dependabot/github_actions/step-security/ha...
• 93d79fc Merge pull request #1004 from swhitt/fix-ocsp-basic-response-uninitialized-re...
• 667ce07 ocsp: fix uninitialized variables in BasicResponse#status
• 2ff55dc build(deps): bump step-security/harden-runner from 2.14.1 to 2.14.2
• f9429bd Merge pull request #997 from junaruga/wip/fips-test-pkcs12
• d86270d Update the steps to generate the base64-based examples.
• 2aa6d97 Fix test_pkcs12.rb in FIPS.
• b814041 Merge pull request #1002 from ruby/dependabot/github_actions/step-security/ha...
• 1aeac77 build(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1
• Additional commits viewable in compare view

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.