Index: head/devel/qca/Makefile
===================================================================
--- head/devel/qca/Makefile	(revision 420302)
+++ head/devel/qca/Makefile	(revision 420303)
@@ -1,50 +1,51 @@
 # Created by: Vsevolod Stakhov <vsevolod@highsecure.ru>
 # $FreeBSD$
 
 PORTNAME=	qca
 PORTVERSION=	2.1.1
+PORTREVISION=	1
 CATEGORIES=	devel
 MASTER_SITES=	KDE/stable/qca/${PORTVERSION}/src
 
 MAINTAINER=	kde@FreeBSD.org
 COMMENT=	Cross-platform crypto API for Qt 4
 
 BUILD_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
 RUN_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
 
 USES=		cmake:outsource tar:xz
 CMAKE_ARGS=	-DBUILD_PLUGINS=none -DBUILD_TESTS=no \
 		-DPKGCONFIG_INSTALL_PREFIX=${PREFIX}/libdata/pkgconfig \
 		-DQCA_FEATURE_INSTALL_DIR=${QT_MKSPECDIR}/features \
 		-DQCA_MAN_INSTALL_DIR=${PREFIX}/man
 CONFIGURE_ENV=	QC_CERTSTORE_PATH=${LOCALBASE}/share/certs/ca-root-nss.crt
 USE_LDCONFIG=	yes
 
 .if defined(PKGNAMESUFFIX)
 CMAKE_ARGS+=	-DQCA_SUFFIX=qt5
 USE_QT5=	core buildtools_build qmake_build
 .else
 USE_QT4=	corelib moc_build qmake_build rcc_build
 CMAKE_ARGS+=	-DQT4_BUILD=yes
 .endif
 
 PLIST_SUB=	SHLIB_VER=${PORTVERSION}
 
 OPTIONS_DEFINE=	GNUPG OPENSSL SASL
 OPTIONS_DEFAULT=GNUPG OPENSSL
 OPTIONS_SUB=	yes
 
 GNUPG_CMAKE_ON=		-DWITH_gnupg_PLUGIN=yes
 GNUPG_RUN_DEPENDS=	gpg2:security/gnupg
 
 OPENSSL_CMAKE_ON=	-DWITH_ossl_PLUGIN=yes
 OPENSSL_USES=		ssl
 
 SASL_CMAKE_ON=		-DWITH_cyrus-sasl_PLUGIN=yes
 SASL_LIB_DEPENDS=	libsasl2.so:security/cyrus-sasl2
 
 post-patch:
 # Qt Network module is used for tests only
 	${REINPLACE_CMD} 's,Core Network,Core,' ${WRKSRC}/CMakeLists.txt
 
 .include <bsd.port.mk>
Index: head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
===================================================================
--- head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp	(revision 420302)
+++ head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp	(revision 420303)
@@ -1,59 +1,73 @@
 qca-ossl: Fix build without SSLv3
 http://quickgit.kde.org/?p=qca.git&a=commit&h=20a587d77636186edb044cd2b71d6d90fe98d232
 
 This fixes building with LibreSSL >= 2.3.0 which has removed support
 for SSLv3 completely. As far as I know OpenSSL can be configured to
 build without it, so it might be helpful there as well.
 
 REVIEW: 125386
 
 qca-ossl: Fix build without support for SHA-0
 https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
 
 LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
 anymore.
 Wikipedia says about SHA-0: "160-bit hash function published in 1993
 under the name SHA. It was withdrawn shortly after publication due to
 an undisclosed "significant flaw" and replaced by the slightly revised
 version SHA-1.'
 
 REVIEW: 125387
 
+Also includes:
+qca-ossl: Remove SHA0 from all_hash_types() when it is not available.
+https://git.reviewboard.kde.org/r/128700/
+
 --- plugins/qca-ossl/qca-ossl.cpp.orig	2015-10-02 09:39:21 UTC
 +++ plugins/qca-ossl/qca-ossl.cpp
 @@ -5403,9 +5403,11 @@ public:
  			ctx = SSL_CTX_new(SSLv2_client_method());
  			break;
  #endif
 +#ifndef OPENSSL_NO_SSL3_METHOD
  		case TLS::SSL_v3:
  			ctx = SSL_CTX_new(SSLv3_client_method());
  			break;
 +#endif
  		case TLS::TLS_v1:
  			ctx = SSL_CTX_new(TLSv1_client_method());
  			break;
 @@ -5805,7 +5807,11 @@ public:
  	{
  		SessionInfo sessInfo;
  
 -		sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session));
 +#ifndef OPENSSL_NO_COMP
 +		sessInfo.isCompressed = (0 != ssl->session->compress_meth);
 +#else
 +		sessInfo.isCompressed = 0;
 +#endif
  
  		if (ssl->version == TLS1_VERSION)
  			sessInfo.version = TLS::TLS_v1;
-@@ -7133,8 +7139,10 @@ public:
+@@ -6880,7 +6886,9 @@ static QStringList all_hash_types()
+ {
+ 	QStringList list;
+ 	list += "sha1";
++#ifdef HAVE_OPENSSL_SHA0
+ 	list += "sha0";
++#endif
+ 	list += "ripemd160";
+ #ifdef HAVE_OPENSSL_MD2
+ 	list += "md2";
+@@ -7133,8 +7141,10 @@ public:
  			return new opensslInfoContext(this);
  		else if ( type == "sha1" )
  			return new opensslHashContext( EVP_sha1(), this, type);
 +#ifdef HAVE_OPENSSL_SHA0
  		else if ( type == "sha0" )
  			return new opensslHashContext( EVP_sha(), this, type);
 +#endif
  		else if ( type == "ripemd160" )
  			return new opensslHashContext( EVP_ripemd160(), this, type);
  #ifdef HAVE_OPENSSL_MD2