Index: lang/python35/Makefile
===================================================================
--- lang/python35/Makefile	(revision 461752)
+++ lang/python35/Makefile	(working copy)
@@ -14,8 +14,6 @@
 
 LICENSE=	PSFL
 
-BROKEN_SSL=	openssl-devel
-
 USES=		cpe ncurses pathfix pkgconfig readline:port shebangfix ssl tar:xz
 PATHFIX_MAKEFILEIN=	Makefile.pre.in
 USE_LDCONFIG=	yes
Index: lang/python35/files/patch-issue30622
===================================================================
--- lang/python35/files/patch-issue30622	(nonexistent)
+++ lang/python35/files/patch-issue30622	(working copy)
@@ -0,0 +1,149 @@
+From 7316c6d4a57931e9786c06eae168b227d7463317 Mon Sep 17 00:00:00 2001
+From: Christian Heimes <christian@python.org>
+Date: Tue, 5 Sep 2017 16:00:44 +0200
+Subject: [PATCH] [3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314)
+
+* Change NPN detection:
+
+Version breakdown, support disabled (pre-patch/post-patch):
+- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
+- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined ->
+False/False
+- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
+OPENSSL_NO_NEXTPROTONEG will be defined -> True/False
+
+Version breakdown support enabled (pre-patch/post-patch):
+- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False
+- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and
+OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
+- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and
+OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True
+
+* Refine NPN guard:
+
+- If NPN is disabled, but ALPN is available we need our callback
+- Make clinic's ssl behave the same way
+
+This created a working ssl module for me, with NPN disabled and ALPN
+enabled for OpenSSL 1.1.0f.
+
+Concerns to address:
+The initial commit for NPN support into OpenSSL [1], had the
+OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG
+guard. The question is if that ever made it into a release.
+This would need an ugly hack, something like:
+
+	GH-if defined(OPENSSL_NO_NEXTPROTONEG) && \
+		!defined(OPENSSL_NPN_NEGOTIATED)
+	GH-	define OPENSSL_NPN_UNSUPPORTED 0
+	GH-	define OPENSSL_NPN_NEGOTIATED 1
+	GH-	define OPENSSL_NPN_NO_OVERLAP 2
+	GH-endif
+
+[1] https://github.com/openssl/openssl/commit/68b33cc5c7
+(cherry picked from commit b2d096b)
+--- Modules/_ssl.c.orig	2018-02-04 23:40:56 UTC
++++ Modules/_ssl.c
+@@ -260,7 +260,7 @@ static unsigned int _ssl_locks_count = 0
+ typedef struct {
+     PyObject_HEAD
+     SSL_CTX *ctx;
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+     unsigned char *npn_protocols;
+     int npn_protocols_len;
+ #endif
+@@ -1605,7 +1605,7 @@ _ssl__SSLSocket_version_impl(PySSLSocket
+     return PyUnicode_FromString(version);
+ }
+ 
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ /*[clinic input]
+ _ssl._SSLSocket.selected_npn_protocol
+ [clinic start generated code]*/
+@@ -2375,7 +2375,7 @@ _ssl__SSLContext_impl(PyTypeObject *type
+         return NULL;
+     }
+     self->ctx = ctx;
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+     self->npn_protocols = NULL;
+ #endif
+ #ifdef HAVE_ALPN
+@@ -2469,7 +2469,7 @@ context_dealloc(PySSLContext *self)
+     PyObject_GC_UnTrack(self);
+     context_clear(self);
+     SSL_CTX_free(self->ctx);
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+     PyMem_FREE(self->npn_protocols);
+ #endif
+ #ifdef HAVE_ALPN
+@@ -2501,7 +2501,7 @@ _ssl__SSLContext_set_ciphers_impl(PySSLC
+     Py_RETURN_NONE;
+ }
+ 
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) || defined(HAVE_ALPN)
+ static int
+ do_protocol_selection(int alpn, unsigned char **out, unsigned char *outlen,
+                       const unsigned char *server_protocols, unsigned int server_protocols_len,
+@@ -2525,7 +2525,9 @@ do_protocol_selection(int alpn, unsigned
+ 
+     return SSL_TLSEXT_ERR_OK;
+ }
++#endif
+ 
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+ /* this callback gets passed to SSL_CTX_set_next_protos_advertise_cb */
+ static int
+ _advertiseNPN_cb(SSL *s,
+@@ -2568,7 +2570,7 @@ _ssl__SSLContext__set_npn_protocols_impl
+                                          Py_buffer *protos)
+ /*[clinic end generated code: output=72b002c3324390c6 input=319fcb66abf95bd7]*/
+ {
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+     PyMem_Free(self->npn_protocols);
+     self->npn_protocols = PyMem_Malloc(protos->len);
+     if (self->npn_protocols == NULL)
+@@ -4843,7 +4845,7 @@ PyInit__ssl(void)
+     Py_INCREF(r);
+     PyModule_AddObject(m, "HAS_ECDH", r);
+ 
+-#ifdef OPENSSL_NPN_NEGOTIATED
++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)
+     r = Py_True;
+ #else
+     r = Py_False;
+ Modules/_ssl.c          | 16 +++++++++-------
+ Modules/clinic/_ssl.c.h |  6 +++---
+ 2 files changed, 12 insertions(+), 10 deletions(-)
+
+--- Modules/clinic/_ssl.c.h.orig	2018-02-04 23:40:56 UTC
++++ Modules/clinic/_ssl.c.h
+@@ -130,7 +130,7 @@ _ssl__SSLSocket_version(PySSLSocket *sel
+     return _ssl__SSLSocket_version_impl(self);
+ }
+ 
+-#if defined(OPENSSL_NPN_NEGOTIATED)
++#if (defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG))
+ 
+ PyDoc_STRVAR(_ssl__SSLSocket_selected_npn_protocol__doc__,
+ "selected_npn_protocol($self, /)\n"
+@@ -149,7 +149,7 @@ _ssl__SSLSocket_selected_npn_protocol(Py
+     return _ssl__SSLSocket_selected_npn_protocol_impl(self);
+ }
+ 
+-#endif /* defined(OPENSSL_NPN_NEGOTIATED) */
++#endif /* (defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG)) */
+ 
+ #if defined(HAVE_ALPN)
+ 
+@@ -1102,4 +1102,4 @@ exit:
+ #ifndef _SSL_ENUM_CRLS_METHODDEF
+     #define _SSL_ENUM_CRLS_METHODDEF
+ #endif /* !defined(_SSL_ENUM_CRLS_METHODDEF) */
+-/*[clinic end generated code: output=6fb10594d8351dc5 input=a9049054013a1b77]*/
++/*[clinic end generated code: output=a8b184655068c238 input=a9049054013a1b77]*/

Property changes on: lang/python35/files/patch-issue30622
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property