Index: head/security/testssl.sh/Makefile
===================================================================
--- head/security/testssl.sh/Makefile	(revision 453644)
+++ head/security/testssl.sh/Makefile	(revision 453645)
@@ -1,83 +1,40 @@
 # $FreeBSD$
 
 PORTNAME=	testssl.sh
 DISTVERSIONPREFIX=	v
 DISTVERSION=	2.9.5-1
+PORTREVISION=	1
 CATEGORIES=	security
 
 MAINTAINER=	tobik@FreeBSD.org
 COMMENT=	Test TLS/SSL encryption anywhere on any port
 
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-RUN_DEPENDS=	bash:shells/bash
+RUN_DEPENDS=	bash:shells/bash \
+		${LOCALBASE}/openssl-unsafe/bin/openssl:security/openssl-unsafe
 
-USES=		perl5 shebangfix ssl:build
+USES=		shebangfix
 USE_GITHUB=	yes
 GH_ACCOUNT=	drwetter
-GH_TUPLE=	drwetter:openssl-pm-snapshot:a9396aaef81d5c1ed714fc625b593522d25914b1:openssl
-USE_PERL5=	build
 
+NO_BUILD=	yes
+
 SHEBANG_FILES=	testssl.sh utils/*
 
-# We deliberately want to build an OpenSSL binary with the most
-# insecure and obsolete ciphers available for testing purposes!  See
-# ${WRKSRC_testssl}/bin/Readme.md and utils/make-openssl.sh for more
-# details.
-HAS_CONFIGURE=	yes
-CONFIGURE_ARGS=	--openssldir=${OPENSSLDIR} \
-		enable-zlib \
-		enable-ssl2 \
-		enable-ssl3 \
-		enable-ssl-trace \
-		enable-rc5 \
-		enable-rc2 \
-		enable-gost \
-		enable-cms \
-		enable-md2 \
-		enable-mdc2 \
-		enable-ec \
-		enable-ec2m \
-		enable-ecdh \
-		enable-ecdsa \
-		enable-seed \
-		enable-camellia \
-		enable-idea \
-		enable-rfc3779 \
-		experimental-jpake \
-		-DOPENSSL_USE_IPV6
-CONFIGURE_ENV=	PERL="${PERL}"
-CONFIGURE_SCRIPT=	config
-
-BUILD_WRKSRC=		${WRKSRC_openssl}
-CONFIGURE_WRKSRC=	${WRKSRC_openssl}
-
-# The build randomly fails sometimes when building in parallel for
-# unknown reasons.
-MAKE_JOBS_UNSAFE=	yes
-
-.include <bsd.port.pre.mk>
-
-.if ${ARCH} == "amd64"
-CONFIGURE_ARGS+=	enable-ec_nistp_64_gcc_128
-.else
-CONFIGURE_ARGS+=	no-ec_nistp_64_gcc_128
-.endif
-
 post-patch:
 	@${REINPLACE_CMD} -e '/elif test_openssl_suffix/d' \
-		-e 's@:    \# 5. we tried.*$$@else OPENSSL="${PREFIX}/libexec/openssl.testssl.sh"@' \
+		-e 's@OPENSSL=PREFIX@OPENSSL=${PREFIX}@' \
 		-e 's@$${TESTSSL_INSTALL_DIR:-""}@$${TESTSSL_INSTALL_DIR:-"${DATADIR}"}@' \
 		-e '/check_bsd_mount$$/d' \
 		${WRKSRC}/testssl.sh
 
 do-install:
-	${INSTALL_PROGRAM} ${WRKSRC_openssl}/apps/openssl ${STAGEDIR}${PREFIX}/libexec/openssl.testssl.sh
 	${INSTALL_SCRIPT} ${WRKSRC}/testssl.sh ${STAGEDIR}${PREFIX}/bin
 	${INSTALL_MAN} ${WRKSRC}/doc/testssl.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
 	@${MKDIR} ${STAGEDIR}${DATADIR}/etc ${STAGEDIR}${DATADIR}/utils
 	@cd ${WRKSRC}/etc && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/etc
 	@cd ${WRKSRC}/utils && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/utils
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>
Index: head/security/testssl.sh/distinfo
===================================================================
--- head/security/testssl.sh/distinfo	(revision 453644)
+++ head/security/testssl.sh/distinfo	(revision 453645)
@@ -1,5 +1,3 @@
-TIMESTAMP = 1505985513
+TIMESTAMP = 1509917288
 SHA256 (drwetter-testssl.sh-v2.9.5-1_GH0.tar.gz) = 505ba9400e1a49759ba84d0cf6ae79f3787f111c64a319094de69635b786c72a
 SIZE (drwetter-testssl.sh-v2.9.5-1_GH0.tar.gz) = 8955528
-SHA256 (drwetter-openssl-pm-snapshot-a9396aaef81d5c1ed714fc625b593522d25914b1_GH0.tar.gz) = 798230c8dc8d7723fff5f6687b1150a3165254eb65c4f6875b7b6b66a53f9c47
-SIZE (drwetter-openssl-pm-snapshot-a9396aaef81d5c1ed714fc625b593522d25914b1_GH0.tar.gz) = 5491000
Index: head/security/testssl.sh/files/patch-testssl.sh
===================================================================
--- head/security/testssl.sh/files/patch-testssl.sh	(nonexistent)
+++ head/security/testssl.sh/files/patch-testssl.sh	(revision 453645)
@@ -0,0 +1,12 @@
+--- testssl.sh.orig	2017-11-05 21:50:58 UTC
++++ testssl.sh
+@@ -164,6 +164,9 @@ TERM_CURRPOS=0                          
+ ## CONFIGURATION PART ##
+ # following variables make use of $ENV, e.g. OPENSSL=<myprivate_path_to_openssl> ./testssl.sh <host>
+ # 0 means (normally) true here. Some of the variables are also accessible with a command line switch, see --help
++if [[ -z "$OPENSSL" ]] ; then
++     OPENSSL=PREFIX/openssl-unsafe/bin/openssl
++fi
+ declare -x OPENSSL OPENSSL_TIMEOUT
+ FAST_SOCKET=${FAST_SOCKET:-false}       # EXPERIMENTAL feature to accelerate sockets -- DO NOT USE it for production
+ COLOR=${COLOR:-2}                       # 2: Full color, 1: b/w+positioning, 0: no ESC at all

Property changes on: head/security/testssl.sh/files/patch-testssl.sh
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/security/testssl.sh/pkg-plist
===================================================================
--- head/security/testssl.sh/pkg-plist	(revision 453644)
+++ head/security/testssl.sh/pkg-plist	(revision 453645)
@@ -1,31 +1,30 @@
 bin/testssl.sh
-libexec/openssl.testssl.sh
 man/man1/testssl.1.gz
 %%DATADIR%%/etc/Apple.pem
 %%DATADIR%%/etc/ca_hashes.txt
 %%DATADIR%%/etc/cipher-mapping.txt
 %%DATADIR%%/etc/client_simulation.txt
 %%DATADIR%%/etc/client-simulation.txt
 %%DATADIR%%/etc/common-primes.txt
 %%DATADIR%%/etc/curves.txt
 %%DATADIR%%/etc/Linux.pem
 %%DATADIR%%/etc/Microsoft.pem
 %%DATADIR%%/etc/Mozilla.pem
 %%DATADIR%%/etc/README.md
 %%DATADIR%%/etc/tls_data.txt
 %%DATADIR%%/utils/00_unittest_baseline.sh
 %%DATADIR%%/utils/ccs-injection.bash
 %%DATADIR%%/utils/checkcert.sh
 %%DATADIR%%/utils/create_ca_hashes.sh
 %%DATADIR%%/utils/curves.bash
 %%DATADIR%%/utils/generate_static_cipher_lists.sh
 %%DATADIR%%/utils/gmap2testssl.sh
 %%DATADIR%%/utils/heartbleed.bash
 %%DATADIR%%/utils/make-openssl.sh
 %%DATADIR%%/utils/parse_client_ciphers.pl
 %%DATADIR%%/utils/prototype.ssl2proto-check.bash
 %%DATADIR%%/utils/prototype.tls-protocol-checker.bash
 %%DATADIR%%/utils/resume.sh
 %%DATADIR%%/utils/ticketbleed.bash
 %%DATADIR%%/utils/update_client_sim_data.pl
 %%DATADIR%%/utils/wireshark2ciphers.pl