diff --git a/Net-SSLeay-1.88-OpenSSL-1.1.1e.patch b/Net-SSLeay-1.88-OpenSSL-1.1.1e.patch
deleted file mode 100644
index 4d00c0e..0000000
--- a/Net-SSLeay-1.88-OpenSSL-1.1.1e.patch
+++ /dev/null
@@ -1,128 +0,0 @@ -From 25ae268277121eeecd29830dec6a0229e4f8fbcb Mon Sep 17 00:00:00 2001 -From: Heikki Vatiainen -Date: Fri, 20 Mar 2020 10:49:35 +0200 -Subject: GH-160 Call Net::SSLeay::shutdown() from SSLeay::sslcat() - and t/local/07_sslecho.t. (#161) - -Fix for GH-160 seems to require SSL_shutdown() calls which were missing from -t/local/07_sslecho.t and Net::SSLeay::sslcat() - -These seem to relate to this change in OpenSSL -'Detect EOF while reading in libssl': -https://github.com/openssl/openssl/commit/db943f43a60d1b5b1277e4b5317e8f288e7a0a3a - -The newly added OpenSSL error message 'unexpected eof while reading' was seen -before the SSL_shutdown() calls were added. ---- - lib/Net/SSLeay.pm | 1 + - t/local/07_sslecho.t | 30 ++++++++++++++++++++++++++++-- - 2 files changed, 29 insertions(+), 2 deletions(-) - -diff --git a/lib/Net/SSLeay.pm b/lib/Net/SSLeay.pm -index 7f14519..2cf79ed 100644 ---- a/lib/Net/SSLeay.pm -+++ b/lib/Net/SSLeay.pm -@@ -1120,6 +1120,7 @@ sub sslcat { # address, port, message, $crt, $key --> reply / (reply,errs,cert) - goto cleanup unless $written; - - sleep $slowly if $slowly; # Closing too soon can abort broken servers -+ Net::SSLeay::shutdown($ssl); # Useful starting with OpenSSL 1.1.1e - CORE::shutdown SSLCAT_S, 1; # Half close --> No more output, send EOF to server - - warn "waiting for reply...\n" if $trace>2; -diff --git a/t/local/07_sslecho.t b/t/local/07_sslecho.t -index e876715..2ef4baf 100644 ---- a/t/local/07_sslecho.t -+++ b/t/local/07_sslecho.t -@@ -13,7 +13,7 @@ BEGIN { - plan skip_all => "fork() not supported on $^O" unless $Config{d_fork}; - } - --plan tests => 102; -+plan tests => 122; - $SIG{'PIPE'} = 'IGNORE'; - - my $sock; -@@ -103,8 +103,28 @@ Net::SSLeay::library_init(); - - my $got = Net::SSLeay::ssl_read_all($ssl); - is($got, $msg, 'ssl_read_all') if $_ < 7; -+ -+ is(Net::SSLeay::get_shutdown($ssl), Net::SSLeay::RECEIVED_SHUTDOWN(), 'shutdown from peer'); - ok(Net::SSLeay::ssl_write_all($ssl, uc($got)), 
'ssl_write_all'); - -+ # With 1.1.1e and $Net::SSLeay::trace=3 you'll see these without shutdown: -+ # SSL_read 9740: 1 - error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading -+ my $sret = Net::SSLeay::shutdown($ssl); -+ if ($sret < 0) -+ { -+ # ERROR_SYSCALL seen on < 1.1.1, if so also print errno string -+ my $err = Net::SSLeay::get_error($ssl, $sret); -+ my $extra = ($err == Net::SSLeay::ERROR_SYSCALL()) ? "$err, $!" : "$err"; -+ -+ ok($err == Net::SSLeay::ERROR_ZERO_RETURN() || -+ $err == Net::SSLeay::ERROR_SYSCALL(), -+ "server shutdown not success, but acceptable: $extra"); -+ } -+ else -+ { -+ pass('server shutdown success'); -+ } -+ - Net::SSLeay::free($ssl); - close $ns; - } -@@ -143,6 +163,7 @@ my @results; - push @results, [ Net::SSLeay::get_cipher($ssl), 'get_cipher' ]; - - push @results, [ Net::SSLeay::ssl_write_all($ssl, $msg), 'write' ]; -+ push @results, [ Net::SSLeay::shutdown($ssl) >= 0, 'client side ssl shutdown' ]; - shutdown($s, 1); - - my $got = Net::SSLeay::ssl_read_all($ssl); -@@ -185,6 +206,7 @@ my @results; - - Net::SSLeay::ssl_write_all($ssl, $msg); - -+ push @results, [Net::SSLeay::shutdown($ssl) >= 0, 'verify: client side ssl shutdown' ]; - shutdown $s, 2; - close $s; - Net::SSLeay::free($ssl); -@@ -238,14 +260,17 @@ my @results; - - Net::SSLeay::connect($ssl1); - Net::SSLeay::ssl_write_all($ssl1, $msg); -+ push @results, [Net::SSLeay::shutdown($ssl1) >= 0, 'client side ssl1 shutdown' ]; - shutdown $s1, 2; - - Net::SSLeay::connect($ssl2); - Net::SSLeay::ssl_write_all($ssl2, $msg); -+ push @results, [Net::SSLeay::shutdown($ssl2) >= 0, 'client side ssl2 shutdown' ]; - shutdown $s2, 2; - - Net::SSLeay::connect($ssl3); - Net::SSLeay::ssl_write_all($ssl3, $msg); -+ push @results, [Net::SSLeay::shutdown($ssl3) >= 0, 'client side ssl3 shutdown' ]; - shutdown $s3, 2; - - close $s1; -@@ -362,6 +387,7 @@ my @results; - my $written = Net::SSLeay::ssl_write_all($ssl, \$data); - push @results, [ $written == length $data, 
'ssl_write_all' ]; - -+ push @results, [Net::SSLeay::shutdown($ssl) >= 0, 'client side aaa write ssl shutdown' ]; - shutdown $s, 1; - - my $got = Net::SSLeay::ssl_read_all($ssl); -@@ -377,7 +403,7 @@ waitpid $pid, 0; - push @results, [ $? == 0, 'server exited with 0' ]; - - END { -- Test::More->builder->current_test(73); -+ Test::More->builder->current_test(87); - for my $t (@results) { - ok( $t->[0], $t->[1] ); - } --- -2.25.1 - diff --git a/Net-SSLeay-1.86_09-pkgconfig.patch b/Net-SSLeay-1.90-pkgconfig.patch similarity index 60% rename from Net-SSLeay-1.86_09-pkgconfig.patch rename to Net-SSLeay-1.90-pkgconfig.patch index 0656386..5cefe35 100644 --- a/Net-SSLeay-1.86_09-pkgconfig.patch +++ b/Net-SSLeay-1.90-pkgconfig.patch @@ -1,23 +1,15 @@ --- Makefile.PL +++ Makefile.PL -@@ -201,11 +201,16 @@ EOM +@@ -209,7 +209,12 @@ EOM @{ $opts->{lib_links} } = map { $_ =~ s/32\b//g } @{ $opts->{lib_links} } if $Config{use64bitall}; } else { -- push @{ $opts->{lib_links} }, -- ($rsaref -- ? qw( ssl crypto RSAglue rsaref z ) -- : qw( ssl crypto z ) -- ); +- push @{ $opts->{lib_links} }, qw( ssl crypto z ); + if ( eval { require ExtUtils::PkgConfig; ExtUtils::PkgConfig->VERSION('1.16') } && ExtUtils::PkgConfig->exists('openssl') ) { + push @{ $opts->{lib_links} }, map { s/^-l//; $_ } split(' ', ExtUtils::PkgConfig->libs_only_l('openssl')); + } + else { -+ push @{ $opts->{lib_links} }, -+ ($rsaref -+ ? qw( ssl crypto RSAglue rsaref z ) -+ : qw( ssl crypto z ) -+ ); ++ push @{ $opts->{lib_links} }, qw( ssl crypto z ); + } if (($Config{cc} =~ /aCC/i) && $^O eq 'hpux') { diff --git a/perl-Net-SSLeay.spec b/perl-Net-SSLeay.spec index 819210f..110d957 100644 --- a/perl-Net-SSLeay.spec +++ b/perl-Net-SSLeay.spec 
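Review bot: In Net-SSLeay-1.90-pkgconfig.patch the rebased fallback branch still links the hard-coded `qw( ssl crypto z )` whenever the `eval { require ExtUtils::PkgConfig; ExtUtils::PkgConfig->VERSION('1.16') }` guard fails, and it does so silently. A build root without ExtUtils::PkgConfig therefore produces a package that looks patched but takes its link list from the fallback rather than from the installed OpenSSL's pkg-config data. The BuildRequires list is only partly visible in this commit, so if it is not already there, add `BuildRequires: perl(ExtUtils::PkgConfig)` to the spec so the pkg-config path is the one exercised in the package build. Separately, `map { s/^-l//; $_ }` edits the split tokens in place; `map { s/^-l//r }` says the same thing without the mutation, if the minimum Perl for the build allows `/r`. The enclosing `else` block of Makefile.PL continues outside the patch hunk.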
@@ -4,18 +4,14 @@ %{bcond_with perl_Net_SSLeay_enables_optional_test} %endif -# Provides/Requires filtering is different from rpm 4.9 onwards -%global rpm49 %(rpm --version | perl -p -e 's/^.* (\\d+)\\.(\\d+).*/sprintf("%d.%03d",$1,$2) ge 4.009 ? 1 : 0/e' 2>/dev/null || echo 0) - Name: perl-Net-SSLeay -Version: 1.88 -Release: 9%{?dist} +Version: 1.90 +Release: 1%{?dist} Summary: Perl extension for using OpenSSL License: Artistic 2.0 URL: https://metacpan.org/release/Net-SSLeay Source0: https://cpan.metacpan.org/modules/by-module/Net/Net-SSLeay-%{version}.tar.gz -Patch0: Net-SSLeay-1.88-OpenSSL-1.1.1e.patch -Patch10: Net-SSLeay-1.86_09-pkgconfig.patch +Patch10: Net-SSLeay-1.90-pkgconfig.patch # =========== Module Build =========================== BuildRequires: coreutils BuildRequires: findutils @@ -33,6 +29,7 @@ BuildRequires: perl(ExtUtils::MM) BuildRequires: perl(File::Basename) BuildRequires: perl(File::Path) BuildRequires: perl(Symbol) +BuildRequires: perl(utf8) # =========== Module Runtime ========================= BuildRequires: perl(AutoLoader) BuildRequires: perl(Carp) @@ -80,12 +77,6 @@ so you can write servers or clients for more complicated applications. %prep %setup -q -n Net-SSLeay-%{version} -# Add SSL_shutdown() calls in Net::SSLeay::sslcat() and t/local/07_sslecho.t -# to fix compatibility with OpenSSL 1.1.1e -# https://github.com/radiator-software/p5-net-ssleay/issues/160 -# https://github.com/radiator-software/p5-net-ssleay/pull/161 -%patch0 -p1 - # Get libraries to link against from pkg-config # https://github.com/radiator-software/p5-net-ssleay/pull/127 %patch10 @@ -93,7 +84,6 @@ so you can write servers or clients for more complicated applications. # Fix permissions in examples to avoid bogus doc-file dependencies chmod -c 644 examples/* - %build unset OPENSSL_PREFIX PERL_MM_USE_DEFAULT=1 perl Makefile.PL \ 
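Review bot: The first hunk drops the `%global rpm49` definition, but none of the hunks shown removes a use of `%{rpm49}`, so it is worth confirming that nothing later in the spec still references it. A leftover `%{?rpm49:...}` or `%if %{rpm49}` around the Provides/Requires filtering would either fail to parse or quietly stop applying the filter. If the macro was already unused, a short changelog line such as `- Drop unused rpm49 macro` would record why it went away alongside the version update.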
@@ -127,6 +117,21 @@ make test %{_mandir}/man3/Net::SSLeay::Handle.3* %changelog +* Thu Jan 21 2021 Paul Howarth - 1.90-1 +- Update to 1.90 + - Formalised libssl version support policy: all stable versions of OpenSSL + in the 0.9.8-1.1.1 branches (with the exception of 0.9.8-0.9.8b) and all + stable releases of LibreSSL in the 2.0-3.1 series are supported + - The LibreSSL 3.2 series is not yet fully supported because its TLSv1.3 + implementation is not currently libssl-compatible + - Added support for LibreSSL on Windows when built with Visual C++ + - Exposed P_X509_CRL_add_extensions, several SSL_CIPHER functions, and + several stack functions + - Fixed crashes in the callback functions CTX_set_next_proto_select_cb and + CTX_set_alpn_select_cb + - The test suite is now compatible with OpenSSL 1.1.1e onwards, as well as + OpenSSL security level 2 (the default on many Linux distributions) + * Tue Jul 28 2020 Fedora Release Engineering - 1.88-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild diff --git a/sources b/sources index dedf785..7328f1a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (Net-SSLeay-1.88.tar.gz) = 37fc32ec003337f3dc18bf928139079a3127628c6fa0fccaed0c27b6bf3b216c2c5338ed1aaf9408b0add3be549df3218d3c5a6d6299793c1329d8a0813a1682 +SHA512 (Net-SSLeay-1.90.tar.gz) = 8a5f251b5ef1d8c2d619d984594a7a22ddeed2e5e726fe683a45f299d7878f4ca8ffab00480ebf5ef7a94ae1fcf6be05dfdaa68b8bfe2ad68443150765adb891