LibreSSL 2.7.2

Jan Stary hans at
Sun Apr 22 09:33:26 UTC 2018

I prepared a PR to upgrade LibreSSL to 2.7.2

Three changes that seem most relevant to me
(quoting directly from the release notes):

* Fixed builds macOS 10.11 and older.

* Added support for many OpenSSL 1.0.2 and 1.1 APIs, based on
observations of real-world usage in applications. These are
implemented in parallel with existing OpenSSL 1.0.1 APIs
- visibility changes have not been made to existing structs,
allowing code written for older OpenSSL APIs to continue working.

* Extensive corrections, improvements, and additions to the
API documentation, including new public APIs from OpenSSL that had
no pre-existing documentation.

There is goodness; I have tested with a couple of ports,
and some ports can actually drop their patches.

I am writing here to give it a wider audience;
can maintainers/users of SSL-dependent ports
please test with this branch?

In particular, can people on MacOS 10.11
please describe what exactly the probem is/was
and please confirm it disappears with 2.7.2?

Given the extended compatibility with OpenSSL 1.0.2 and 1.1 API,
I suspect more ports will get easier, possibly dropping the patch
altogether (like e.g. libevent).

In particular, there is kerberos5; the libressl.patch must get easier now,
because we have EVP_MD_CTX_new() and EVP_MD_CTX_free(). I have not looked
at it in detail - Rainer, could you please look at it?

For completeness sake, Jeremy (maintainer)
has reservations to upgrading at all:


More information about the macports-users mailing list