--- Makefile	(revision 509241)
+++ Makefile	(working copy)
@@ -7,7 +7,7 @@ 
 # no problems encountered so far.  Thanks.
 PORTNAME=	hadoop
 PORTVERSION=	2.7.2
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	devel java
 MASTER_SITES=	APACHE/${PORTNAME}/common/hadoop-${PORTVERSION} \
 		LOCAL/demon/:maven \
@@ -24,9 +24,6 @@ 
 
 LICENSE=	APACHE20
 
-BROKEN_SSL=	openssl111
-BROKEN_SSL_REASON_openssl111=	incomplete definition of type 'struct evp_cipher_ctx_st'
-
 BUILD_DEPENDS=	${LOCALBASE}/share/java/maven3/bin/mvn:devel/maven3 \
 		cmake:devel/cmake \
 		${LOCALBASE}/protobuf25/bin/protoc:devel/protobuf25
--- files/patch-openssl111	(nonexistent)
+++ files/patch-openssl111	(working copy)
@@ -0,0 +1,134 @@ 
+--- hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c
++++ hadoop-common-project/hadoop-common/src/main/native/src/org/apache/hadoop/crypto/OpensslCipher.c
+@@ -30,6 +30,11 @@ static void (*dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *);
+ static int (*dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *);
+ static void (*dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *);
+ static int (*dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int);
++static int (*dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int);
++static int (*dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++static int (*dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *);
++#endif
+ static int (*dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *, const EVP_CIPHER *,  \
+            ENGINE *, const unsigned char *, const unsigned char *, int);
+ static int (*dlsym_EVP_CipherUpdate)(EVP_CIPHER_CTX *, unsigned char *,  \
+@@ -46,6 +51,11 @@ typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_free)(EVP_CIPHER_CTX *);
+ typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_cleanup)(EVP_CIPHER_CTX *);
+ typedef void (__cdecl *__dlsym_EVP_CIPHER_CTX_init)(EVP_CIPHER_CTX *);
+ typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_set_padding)(EVP_CIPHER_CTX *, int);
++typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_test_flags)(const EVP_CIPHER_CTX *, int);
++typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_block_size)(const EVP_CIPHER_CTX *);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++typedef int (__cdecl *__dlsym_EVP_CIPHER_CTX_encrypting)(const EVP_CIPHER_CTX *);
++#endif
+ typedef int (__cdecl *__dlsym_EVP_CipherInit_ex)(EVP_CIPHER_CTX *,  \
+              const EVP_CIPHER *, ENGINE *, const unsigned char *,  \
+              const unsigned char *, int);
+@@ -60,6 +70,11 @@ static __dlsym_EVP_CIPHER_CTX_free dlsym_EVP_CIPHER_CTX_free;
+ static __dlsym_EVP_CIPHER_CTX_cleanup dlsym_EVP_CIPHER_CTX_cleanup;
+ static __dlsym_EVP_CIPHER_CTX_init dlsym_EVP_CIPHER_CTX_init;
+ static __dlsym_EVP_CIPHER_CTX_set_padding dlsym_EVP_CIPHER_CTX_set_padding;
++static __dlsym_EVP_CIPHER_CTX_test_flags dlsym_EVP_CIPHER_CTX_test_flags;
++static __dlsym_EVP_CIPHER_CTX_block_size dlsym_EVP_CIPHER_CTX_block_size;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++static __dlsym_EVP_CIPHER_CTX_encrypting dlsym_EVP_CIPHER_CTX_encrypting;
++#endif
+ static __dlsym_EVP_CipherInit_ex dlsym_EVP_CipherInit_ex;
+ static __dlsym_EVP_CipherUpdate dlsym_EVP_CipherUpdate;
+ static __dlsym_EVP_CipherFinal_ex dlsym_EVP_CipherFinal_ex;
+@@ -114,6 +129,14 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs
+                       "EVP_CIPHER_CTX_init");
+   LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_set_padding, env, openssl,  \
+                       "EVP_CIPHER_CTX_set_padding");
++  LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_test_flags, env, openssl,  \
++                      "EVP_CIPHER_CTX_test_flags");
++  LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_block_size, env, openssl,  \
++                      "EVP_CIPHER_CTX_block_size");
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++  LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CIPHER_CTX_encrypting, env, openssl,  \
++                      "EVP_CIPHER_CTX_encrypting");
++#endif
+   LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherInit_ex, env, openssl,  \
+                       "EVP_CipherInit_ex");
+   LOAD_DYNAMIC_SYMBOL(dlsym_EVP_CipherUpdate, env, openssl,  \
+@@ -135,6 +158,17 @@ JNIEXPORT void JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_initIDs
+   LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_set_padding,  \
+                       dlsym_EVP_CIPHER_CTX_set_padding, env,  \
+                       openssl, "EVP_CIPHER_CTX_set_padding");
++  LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_test_flags,  \
++                      dlsym_EVP_CIPHER_CTX_test_flags, env,  \
++                      openssl, "EVP_CIPHER_CTX_test_flags");
++  LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_block_size,  \
++                      dlsym_EVP_CIPHER_CTX_block_size, env,  \
++                      openssl, "EVP_CIPHER_CTX_block_size");
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++  LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CIPHER_CTX_encrypting,  \
++                      dlsym_EVP_CIPHER_CTX_encrypting, env,  \
++                      openssl, "EVP_CIPHER_CTX_encrypting");
++#endif
+   LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherInit_ex, dlsym_EVP_CipherInit_ex,  \
+                       env, openssl, "EVP_CipherInit_ex");
+   LOAD_DYNAMIC_SYMBOL(__dlsym_EVP_CipherUpdate, dlsym_EVP_CipherUpdate,  \
+@@ -253,14 +287,18 @@ JNIEXPORT jlong JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_init
+ static int check_update_max_output_len(EVP_CIPHER_CTX *context, int input_len, 
+     int max_output_len)
+ {
+-  if (context->flags & EVP_CIPH_NO_PADDING) {
++  if (  dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) {
+     if (max_output_len >= input_len) {
+       return 1;
+     }
+     return 0;
+   } else {
+-    int b = context->cipher->block_size;
++    int b = dlsym_EVP_CIPHER_CTX_block_size(context);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     if (context->encrypt) {
++#else
++    if (dlsym_EVP_CIPHER_CTX_encrypting(context)) {
++#endif
+       if (max_output_len >= input_len + b - 1) {
+         return 1;
+       }
+@@ -307,10 +345,10 @@ JNIEXPORT jint JNICALL Java_org_apache_hadoop_crypto_OpensslCipher_update
+ static int check_doFinal_max_output_len(EVP_CIPHER_CTX *context, 
+     int max_output_len)
+ {
+-  if (context->flags & EVP_CIPH_NO_PADDING) {
++  if (  dlsym_EVP_CIPHER_CTX_test_flags(context, EVP_CIPH_NO_PADDING) ) {
+     return 1;
+   } else {
+-    int b = context->cipher->block_size;
++    int b = dlsym_EVP_CIPHER_CTX_block_size(context);
+     if (max_output_len >= b) {
+       return 1;
+     }
+--- hadoop-tools/hadoop-pipes/src/main/native/pipes/impl/HadoopPipes.cc
++++ hadoop-tools/hadoop-pipes/src/main/native/pipes/impl/HadoopPipes.cc
+@@ -420,6 +420,7 @@ namespace HadoopPipes {
+     }
+ 
+     string createDigest(string &password, string& msg) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+       HMAC_CTX ctx;
+       unsigned char digest[EVP_MAX_MD_SIZE];
+       HMAC_Init(&ctx, (const unsigned char *)password.c_str(), 
+@@ -428,7 +429,16 @@ namespace HadoopPipes {
+       unsigned int digestLen;
+       HMAC_Final(&ctx, digest, &digestLen);
+       HMAC_cleanup(&ctx);
+-
++#else
++      HMAC_CTX *ctx = HMAC_CTX_new();
++      unsigned char digest[EVP_MAX_MD_SIZE];
++      HMAC_Init_ex(ctx, (const unsigned char *)password.c_str(),
++          password.length(), EVP_sha1(), NULL);
++      HMAC_Update(ctx, (const unsigned char *)msg.c_str(), msg.length());
++      unsigned int digestLen;
++      HMAC_Final(ctx, digest, &digestLen);
++      HMAC_CTX_free(ctx);
++#endif
+       //now apply base64 encoding
+       BIO *bmem, *b64;
+       BUF_MEM *bptr;
+