diff --git a/security/p5-Net-SSLeay/Makefile b/security/p5-Net-SSLeay/Makefile
index 932fa35f8b6..e5156a757b0 100644
--- a/security/p5-Net-SSLeay/Makefile
+++ b/security/p5-Net-SSLeay/Makefile
@@ -1,7 +1,6 @@
 COMMENT =	Perl bindings for OpenSSL and LibreSSL
 
-DISTNAME =	Net-SSLeay-1.92
-REVISION =	4
+DISTNAME =	Net-SSLeay-1.94
 
 CATEGORIES =	security
 
@@ -17,7 +16,8 @@ TEST_DEPENDS =		devel/p5-Test-Exception \
 			devel/p5-Test-Warn \
 			devel/p5-Test-NoWarnings \
 			devel/p5-Test-Pod>=1.41 \
-			devel/p5-Test-Pod-Coverage>=1.00
+			devel/p5-Test-Pod-Coverage>=1.00 \
+			security/p5-Crypt-OpenSSL-Bignum
 
 MODCPAN_EXAMPLES =	Yes
 SRCDIR = 		${WRKSRC}/${MODCPAN_EXAMPLES_DIST}
diff --git a/security/p5-Net-SSLeay/distinfo b/security/p5-Net-SSLeay/distinfo
index d6f5e8a6a54..c877ab1d33d 100644
--- a/security/p5-Net-SSLeay/distinfo
+++ b/security/p5-Net-SSLeay/distinfo
@@ -1,2 +1,2 @@
-SHA256 (Net-SSLeay-1.92.tar.gz) = R8LyswDy5xYtcdaZ9jPdajWwYloAy9qMUKwBFEqTlqk=
-SIZE (Net-SSLeay-1.92.tar.gz) = 555930
+SHA256 (Net-SSLeay-1.94.tar.gz) = nXvopW0b7doFxCUwbMUEuhNDB+DAm9pKeIyYdE682V0=
+SIZE (Net-SSLeay-1.94.tar.gz) = 663948
diff --git a/security/p5-Net-SSLeay/patches/patch-SSLeay_xs b/security/p5-Net-SSLeay/patches/patch-SSLeay_xs
deleted file mode 100644
index b5fd32c2378..00000000000
--- a/security/p5-Net-SSLeay/patches/patch-SSLeay_xs
+++ /dev/null
@@ -1,142 +0,0 @@
-https://github.com/radiator-software/p5-net-ssleay/pull/406
-https://github.com/radiator-software/p5-net-ssleay/commit/3dd2f101b8e15a59f66e22525b8d001d5ad6ce7d
-https://github.com/radiator-software/p5-net-ssleay/commit/4a886e06c1cac80e7fb3f8d52146a27ce557ba8c
-https://github.com/radiator-software/p5-net-ssleay/commit/88c3bbc45399c8ef2c8879aada8bfa91d8bc6c10
-
-Index: SSLeay.xs
---- SSLeay.xs.orig
-+++ SSLeay.xs
-@@ -1914,7 +1914,7 @@ X509 * find_issuer(X509 *cert,X509_STORE *store, STACK
-     return issuer;
- }
- 
--SV* bn2sv(BIGNUM* p_bn)
-+SV* bn2sv(const BIGNUM* p_bn)
- {
-     return p_bn != NULL
-         ? sv_2mortal(newSViv((IV) BN_dup(p_bn)))
-@@ -4157,6 +4157,7 @@ P_X509_get_crl_distribution_points(cert)
-                 */
-             }
-         }
-+        sk_DIST_POINT_pop_free(points, DIST_POINT_free);
- 
- void
- P_X509_get_ocsp_uri(cert)
-@@ -4178,6 +4179,7 @@ P_X509_get_ocsp_uri(cert)
- 		if (GIMME == G_SCALAR) break; /* get only first */
- 	    }
- 	}
-+	AUTHORITY_INFO_ACCESS_free(info);
- 
- 
- void
-@@ -4204,6 +4206,7 @@ P_X509_get_ext_key_usage(cert,format=0)
-            else if(format==3 && nid>0)
-                XPUSHs(sv_2mortal(newSVpv(OBJ_nid2ln(nid),0))); /* format 3: longname */
-         }
-+        EXTENDED_KEY_USAGE_free(extusage);
- 
- #endif
- 
-@@ -4224,6 +4227,7 @@ P_X509_get_key_usage(cert)
-             if (ASN1_BIT_STRING_get_bit(u,6)) XPUSHs(sv_2mortal(newSVpv("cRLSign",0)));
-             if (ASN1_BIT_STRING_get_bit(u,7)) XPUSHs(sv_2mortal(newSVpv("encipherOnly",0)));
-             if (ASN1_BIT_STRING_get_bit(u,8)) XPUSHs(sv_2mortal(newSVpv("decipherOnly",0)));
-+            ASN1_BIT_STRING_free(u);
-         }
- 
- void
-@@ -4242,6 +4246,7 @@ P_X509_get_netscape_cert_type(cert)
-             if (ASN1_BIT_STRING_get_bit(u,5)) XPUSHs(sv_2mortal(newSVpv("sslCA",0)));
-             if (ASN1_BIT_STRING_get_bit(u,6)) XPUSHs(sv_2mortal(newSVpv("emailCA",0)));
-             if (ASN1_BIT_STRING_get_bit(u,7)) XPUSHs(sv_2mortal(newSVpv("objCA",0)));
-+            ASN1_BIT_STRING_free(u);
-         }
- 
- int
-@@ -6283,9 +6288,29 @@ RSA_generate_key(bits,e,perl_cb=&PL_sv_undef,perl_data
- void
- RSA_get_key_parameters(rsa)
- 	    RSA * rsa
-+PREINIT:
-+#if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
-+    const BIGNUM *n, *e, *d;
-+    const BIGNUM *p, *q;
-+    const BIGNUM *dmp1, *dmq1, *iqmp;
-+#endif
- PPCODE:
- {
-+#if defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
-+    RSA_get0_key(rsa, &n, &e, &d);
-+    RSA_get0_factors(rsa, &p, &q);
-+    RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
-     /* Caution: returned list consists of SV pointers to BIGNUMs, which would need to be blessed as Crypt::OpenSSL::Bignum for further use */
-+    XPUSHs(bn2sv(n));
-+    XPUSHs(bn2sv(e));
-+    XPUSHs(bn2sv(d));
-+    XPUSHs(bn2sv(p));
-+    XPUSHs(bn2sv(q));
-+    XPUSHs(bn2sv(dmp1));
-+    XPUSHs(bn2sv(dmq1));
-+    XPUSHs(bn2sv(iqmp));
-+#else
-+    /* Caution: returned list consists of SV pointers to BIGNUMs, which would need to be blessed as Crypt::OpenSSL::Bignum for further use */
-     XPUSHs(bn2sv(rsa->n));
-     XPUSHs(bn2sv(rsa->e));
-     XPUSHs(bn2sv(rsa->d));
-@@ -6294,9 +6319,10 @@ PPCODE:
-     XPUSHs(bn2sv(rsa->dmp1));
-     XPUSHs(bn2sv(rsa->dmq1));
-     XPUSHs(bn2sv(rsa->iqmp));
-+#endif
- }
- 
--#endif
-+#endif /* OpenSSL < 1.1 or LibreSSL */
- 
- void
- RSA_free(r)
-@@ -7010,6 +7036,7 @@ X509_VERIFY_PARAM_get0_peername(param)
- 
- #endif /* OpenSSL 1.0.2-beta2, LibreSSL 2.7.0 */
- 
-+#if !defined(LIBRESSL_VERSION_NUMBER) || (LIBRESSL_VERSION_NUMBER < 0x3080000fL) /* LibreSSL < 3.8.0 */
- void
- X509_policy_tree_free(tree)
-     X509_POLICY_TREE *tree
-@@ -7052,6 +7079,7 @@ const X509_POLICY_NODE *
- X509_policy_node_get0_parent(node)
-     const X509_POLICY_NODE *node
- 
-+#endif /* !(LibreSSL >= 3.7.0) */
- #endif
- 
- ASN1_OBJECT *
-@@ -7197,7 +7225,7 @@ ASN1_OBJECT *
- P_X509_get_signature_alg(x)
-         X509 * x
-     CODE:
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
-         RETVAL = (X509_get0_tbs_sigalg(x)->algorithm);
- #else
-         RETVAL = (x->cert_info->signature->algorithm);
-@@ -7690,7 +7718,7 @@ OCSP_response_results(rsp,...)
- 		if (!idsv) {
- 		    /* getall: create new SV with OCSP_CERTID */
- 		    unsigned char *pi,*pc;
--#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
- 		    int len = i2d_OCSP_CERTID((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sir),NULL);
- #else
- 		    int len = i2d_OCSP_CERTID(sir->certId,NULL);
-@@ -7699,7 +7727,7 @@ OCSP_response_results(rsp,...)
- 		    Newx(pc,len,unsigned char);
- 		    if (!pc) croak("out of memory");
- 		    pi = pc;
--#if OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100003L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
- 		    i2d_OCSP_CERTID((OCSP_CERTID *)OCSP_SINGLERESP_get0_id(sir),&pi);
- #else
- 		    i2d_OCSP_CERTID(sir->certId,&pi);