Index: head/security/sslscan/Makefile
===================================================================
--- head/security/sslscan/Makefile	(revision 433488)
+++ head/security/sslscan/Makefile	(revision 433489)
@@ -1,25 +1,24 @@
 # Created by: Matthieu BOUTHORS <matthieu@labs.fr>
 # $FreeBSD$
 
 PORTNAME=	sslscan
-PORTVERSION=	1.11.6
+PORTVERSION=	1.11.8
 DISTVERSIONSUFFIX=	-${GH_ACCOUNT}
 CATEGORIES=	security
 
 MAINTAINER=	gavin@FreeBSD.org
 COMMENT=	SSLScan is a fast SSL port scanner
 
 LICENSE=	GPLv3
 
-USES=		gmake
-USE_OPENSSL=	yes
+USES=		gmake ssl
 USE_GITHUB=	yes
 GH_ACCOUNT=	rbsec
 
 .include <bsd.port.pre.mk>
 
 .if ${SSL_DEFAULT:Mopenssl-devel}
 BROKEN=		Does not build with openssl-devel
 .endif
 
 .include <bsd.port.post.mk>
Index: head/security/sslscan/distinfo
===================================================================
--- head/security/sslscan/distinfo	(revision 433488)
+++ head/security/sslscan/distinfo	(revision 433489)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1464783619
-SHA256 (rbsec-sslscan-1.11.6-rbsec_GH0.tar.gz) = 18932a78ad968dc5859b8cc72c84e64a46367887eb9302eaf13069bb9da1e08d
-SIZE (rbsec-sslscan-1.11.6-rbsec_GH0.tar.gz) = 50002
+TIMESTAMP = 1486214215
+SHA256 (rbsec-sslscan-1.11.8-rbsec_GH0.tar.gz) = 1449f8bb45d323b322cb070a74d8dcc57b43ca2dba0560e7a16151efc8b3d911
+SIZE (rbsec-sslscan-1.11.8-rbsec_GH0.tar.gz) = 51583
Index: head/security/sslscan/files/patch-Makefile
===================================================================
--- head/security/sslscan/files/patch-Makefile	(revision 433488)
+++ head/security/sslscan/files/patch-Makefile	(revision 433489)
@@ -1,33 +1,33 @@
---- Makefile.orig	2016-03-24 21:02:55 UTC
+--- Makefile.orig	2016-11-06 13:27:11 UTC
 +++ Makefile
 @@ -3,7 +3,7 @@ ifndef CC
    CC=gcc
  endif
  
 -GIT_VERSION = $(shell git describe --tags --always --dirty=-wip)
 +#GIT_VERSION = $(shell git describe --tags --always --dirty=-wip)
  
  # Ugly hack to get version if git isn't installed
  ifeq ($(GIT_VERSION),)
 @@ -14,9 +14,9 @@ endif
  OS := $(shell uname)
  
  SRCS      = sslscan.c
 -PREFIX    = /usr
 +#PREFIX    = /usr
  BINDIR    = $(PREFIX)/bin
 -MANDIR    = $(PREFIX)/share/man
 +MANDIR    = $(PREFIX)/man
  MAN1DIR   = $(MANDIR)/man1
  
  WARNINGS  = -Wall -Wformat=2
-@@ -68,6 +68,9 @@ install:
- ifeq ($(OS), Darwin)
+@@ -70,6 +70,9 @@ ifeq ($(OS), Darwin)
  	install sslscan $(DESTDIR)$(BINDIR)/sslscan;
+ 	install -d $(DESTDIR)$(MAN1DIR)/;
  	install sslscan.1 $(DESTDIR)$(MAN1DIR)/sslscan.1;
 +else ifeq ($(OS), FreeBSD)
 +	install -s -m 755 sslscan $(DESTDIR)$(BINDIR)
 +	install -m 644 sslscan.1 $(DESTDIR)$(MAN1DIR)
  else
  	install -D sslscan $(DESTDIR)$(BINDIR)/sslscan;
  	install -D sslscan.1 $(DESTDIR)$(MAN1DIR)/sslscan.1;
Index: head/security/sslscan/files/patch-sslscan.c
===================================================================
--- head/security/sslscan/files/patch-sslscan.c	(revision 433488)
+++ head/security/sslscan/files/patch-sslscan.c	(revision 433489)
@@ -1,23 +1,40 @@
---- sslscan.c.orig	2016-03-24 21:02:55 UTC
+--- sslscan.c.orig	2016-11-06 13:27:11 UTC
 +++ sslscan.c
-@@ -788,7 +788,7 @@ int testCompression(struct sslCheckOptio
+@@ -829,7 +829,7 @@ int testCompression(struct sslCheckOptio
  #endif
                          {
                              printf("%sOpenSSL version does not support compression%s\n", COL_RED, RESET);
 -                            printf("%sRebuild with zlib1g-dev package for zlib support%s\n\n", COL_RED, RESET);
 +                            printf("\n");
                          }
  
                          // Disconnect SSL over socket
-@@ -1291,7 +1291,11 @@ int testCipher(struct sslCheckOptions *o
+@@ -1155,14 +1155,14 @@ int testRenegotiation(struct sslCheckOpt
+                                 printf_verbose("Attempting SSL_do_handshake(ssl)\n");
+                                 SSL_do_handshake(ssl); // Send renegotiation request to server //TODO :: XXX hanging here
+ 
+-                                if (ssl->state == SSL_ST_OK)
++                                if (SSL_get_state(ssl) == SSL_ST_OK)
+                                 {
+                                     res = SSL_do_handshake(ssl); // Send renegotiation request to server
+                                     if( res != 1 )
+                                     {
+                                         printf_error("\n\nSSL_do_handshake() call failed\n");
+                                     }
+-                                    if (ssl->state == SSL_ST_OK)
++                                    if (SSL_get_state(ssl) == SSL_ST_OK)
+                                     {
+                                         /* our renegotiation is complete */
+                                         renOut->supported = true;
+@@ -1504,7 +1504,11 @@ int testCipher(struct sslCheckOptions *o
                      return false;
                  }
  
 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
  		cipherid = SSL_CIPHER_get_id(sslCipherPointer);
 +#else
 +		cipherid = sslCipherPointer->id;
 +#endif
  		cipherid = cipherid & 0x00ffffff;  // remove first byte which is the version (0x03 for TLSv1/SSLv3)
  
                  // Show Cipher Status