If p1 means pre-release, and 5.9.2 will follow, you need to set DISTVERSION=5.9.2p1, it will make PORTVERSION=5.9.2.p1

$ pkg version -t 5.9.2.p1 5.9.2
<

If p1 means "patch 1" meaning it is after 5.9.2, then you should set PORTVERSION=5.9.2p1:

$ pkg version -t 5.9.2 5.9.2p1
<

It's the second one, Bernard.

Shouldn't that be

... && empty(PORT:OPTIONS:MSSL_PORT)

If it works with make on 9 & 10, it's ok :-) (I never remember which form works)

Meaning in OpenBSD derivative projects is "portable" not "patch" (e.g. security/openssh). Aligned PORVERSION to naming in security/openssh.

Correct. Yet the options check is unnecessary anyway, OK to clobber WITH_OPENSSL_PORT even if SSL_PORT is set.
Check should be against OpenSSL >= 1.0.1 which is in OSVERSION 1000015
SSL_PORT option moved to SSL_PORT_VARS=

Do those directories need to get manually chgrp'ed as well?

Correct me if I'm wrong, but doesn't using ${OPENSSLBASE} have to happen after bsd.port.pre.mk?

If somebody sets OPENSSL_PORT=security/libressl but hasn't built any ports yet, won't it fall back to security/openssl?

After executing

Performing sanity check on smtpd configuration:
configuration OK
Starting smtpd.
unknown group _smtpq
/usr/local/etc/rc.d/smtpd: WARNING: failed to start smtpd
/var/spool/smtpd/offline

thsi is solved by adding _smtpq group (pkg does that now).
Then starting smtpd failed to start due to the mode on /var/spool/smtpd/offline and /var/spool/smtpd/purge.
After executing

chmod 770 /var/spool/smtpd/offline
chmod 700 /var/spool/smtpd/purge

It has been running 5.9.2 fine since, but it'd be great if someone could upgrade a 5.7 system to see if this replicates!

Just found another regression, no matches for 'smtpd: \[priv\]' . Not sure if something failed or process names changed... According to Gilles this will remail the case, got to adapt the rc-script. check for /usr/local/sbin/smtpd instead.

The pkg-message also has text on upgrading, got to add this as well!

On a fresh installation, /var/spool/smtpd/offline is created with user _smtpq. Users should do that too.

# chgrp _smtpq /var/spool/smtpd/offline

This sentence makes no sense. I'm not even sure what you were trying to say here.

Was is "Stop the smtpd service before performing these commands"? If so, before the chmod commands put

# service smtpd stop
# chmod 770 [...]

Bernard, this doesn't work at all. None of the OPTIONS stuff can come after bsd.port.pre.mk.

Put it back where it was, and then right change the .include <bsd.port.options.mk> line to this:

.include <bsd.port.pre.mk>

CONFIGURE_ARGS+=    --with-ssl=${OPENSSLBASE}

.if ${OPSYS} == FreeBSD && [etc.]

Of course, delete the --with-ssl line from the original CONFIGURE_ARGS line.

Hope this makes more sense.

I still think you should add:

# chgrp _smtpq /var/spool/smtpd/offline

Bernard, buddy, this doesn't work either :-) It clobbers the stuff from the OPTIONS helpers.

Either make this +=, or just add the --with-ssl line after .pre.mk.

Seems so indeed, but smtpd performs that chgrp itself. No clue why it doesn't do the other modes itself but fails on these :sad:

Argghhh... Absolutely...
Got to setup a separate jail for building that does not have LibreSSL in base. Diff is becoming unwieldy to properly port!