80 files changed, 234 insertions, 2628 deletions

diff --git a/package/.template/Makefile b/package/.template/Makefile
index f60be74bb..2c54be734 100644
--- a/package/.template/Makefile
+++ b/package/.template/Makefile
@@ -36,20 +36,20 @@ PKG_SITES:=		add download url without package name
 # flavour description
 #PKGFD_WITH_SSL:=	enable SSL support
 # flavour runtime dependency, package name
-#PKGFS_WITH_SSL:=	libopenssl
+#PKGFS_WITH_SSL:=	libressl
 # flavour build time dependency, package dir
-#PKGFB_WITH_SSL:=	openssl
+#PKGFB_WITH_SSL:=	libressl
 
 # define your choices for your package here, f.e. different SSL implementations
-#PKG_CHOICES_PKGNAME:=	WITH_OPENSSL WITH_GNUTLS
+#PKG_CHOICES_PKGNAME:=	WITH_LIBRESSL WITH_GNUTLS
 # package description for each choice
-#PKGCD_WITH_OPENSSL:=	SSL support via OpenSSL library
-#PKGCD_WITH_GNUTLS:=	SSL support via GNUTLS library
+#PKGCD_WITH_LIBRESSL:=	ssl support via libressl library
+#PKGCD_WITH_GNUTLS:=	ssl support via gnutls library
 # package build time dependencies
-#PKGCB_WITH_OPENSSL:=	openssl
+#PKGCB_WITH_LIBRESSL:=	libressl
 #PKGCB_WITH_GNUTLS:=	gnutls
 # package runtime dependencies
-#PKGCS_WITH_OPENSSL:=	libopenssl
+#PKGCS_WITH_LIBRESSL:=	libressl
 #PKGCS_WITH_GNUTLS:=	libgnutls
 
 # if downloaded package is not ending with .tar.xz use following
diff --git a/package/aircrack-ng/Makefile b/package/aircrack-ng/Makefile
index ee83a9641..fcf618885 100644
--- a/package/aircrack-ng/Makefile
+++ b/package/aircrack-ng/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:=		1
 PKG_HASH:=		ba5b3eda44254efc5b7c9f776eb756f7cc323ad5d0813c101e92edb483d157e9
 PKG_DESCR:=		set of tools for auditing wireless networks
 PKG_SECTION:=		net/wifi
-PKG_DEPENDS:=		libpcap libnl
-PKG_BUILDDEP:=		libpcap libnl
+PKG_DEPENDS:=		libpcap libnl libressl
+PKG_BUILDDEP:=		libpcap libnl libressl
 PKG_NEEDS:=		threads
 PKG_URL:=		http://www.aircrack-ng.org/
 PKG_SITES:=		http://download.aircrack-ng.org/
 # do not build parallel, otherwise libosdep.a may not be ready when compiling airtun-ng
 PKG_NOPARALLEL:=	1
 
-PKG_CHOICES_AIRCRACK_NG:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
-
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}-rc2.tar.gz
 WRKDIST=		${WRKDIR}/${PKG_NAME}-${PKG_VERSION}-rc2
 
diff --git a/package/asterisk/Makefile b/package/asterisk/Makefile
index 27eb3b924..3367cce94 100644
--- a/package/asterisk/Makefile
+++ b/package/asterisk/Makefile
@@ -9,21 +9,13 @@ PKG_RELEASE:=		2
 PKG_HASH:=		7b3d84a3403fce590377808eaa4b08b6320666ca0e37eba0ad578b66211b13c8
 PKG_DESCR:=		open source pbx
 PKG_SECTION:=		net/voip
-PKG_DEPENDS:=		libncurses libcurl
-PKG_BUILDDEP:=		ncurses zlib curl popt
+PKG_DEPENDS:=		libncurses libcurl libressl
+PKG_BUILDDEP:=		ncurses zlib curl popt libressl
 PKG_NEEDS:=		threads c++
 PKG_URL:=		http://www.asterisk.org/
 PKG_SITES:=		http://downloads.asterisk.org/pub/telephony/asterisk/releases/
 PKG_NOPARALLEL:=	1
 
-PKG_CHOICES_ASTERISK:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl ca-certificates
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl ca-certificates
-
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 
 PKG_LIBC_DEPENDS:=	uclibc-ng glibc
diff --git a/package/bind/Makefile b/package/bind/Makefile
index 0646631df..0a2852fcc 100644
--- a/package/bind/Makefile
+++ b/package/bind/Makefile
@@ -9,22 +9,14 @@ PKG_RELEASE:=		1
 PKG_HASH:=		f8d412b38d5ac390275b943bde69f4608f67862a45487ec854b30e4448fcb056
 PKG_DESCR:=		dns server
 PKG_SECTION:=		net/dns
-PKG_DEPENDS:=		libxml2
-PKG_BUILDDEP:=		libxml2
+PKG_DEPENDS:=		libxml2 libressl
+PKG_BUILDDEP:=		libxml2 libressl
 PKG_NEEDS:=		c++
 PKG_URL:=		https://www.isc.org/software/bind/
 PKG_SITES:=		ftp://ftp.isc.org/isc/bind9/${PKG_VERSION}/
 PKG_LIBNAME:=		libbind
 PKG_OPTS:=		dev
 
-PKG_CHOICES_LIBBIND:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl ca-certificates
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl ca-certificates
-
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 
 PKG_SUBPKGS:=		LIBBIND BIND_SERVER BIND_NSUPDATE BIND_RNDC BIND_CHECK BIND_DNSSEC BIND_HOST BIND_DIG
diff --git a/package/bitlbee/Makefile b/package/bitlbee/Makefile
index 02f85f299..59ede8f3d 100644
--- a/package/bitlbee/Makefile
+++ b/package/bitlbee/Makefile
@@ -9,19 +9,11 @@ PKG_RELEASE:=		1
 PKG_HASH:=		408a737b35db4b9c407e3db09b2d2e7b528836a68e2d783373254b78812bf608
 PKG_DESCR:=		irc gateway to im chat networks
 PKG_SECTION:=		app/chat
-PKG_DEPENDS:=		glib
-PKG_BUILDDEP:=		glib
+PKG_DEPENDS:=		glib libressl
+PKG_BUILDDEP:=		glib libressl
 PKG_URL:=		http://www.bitlbee.org/
 PKG_SITES:=		http://get.bitlbee.org/src/
 
-PKG_CHOICES_BITLBEE:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl ca-certificates
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl ca-certificates
-
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 
 include ${ADK_TOPDIR}/mk/package.mk
diff --git a/package/crda/Makefile b/package/crda/Makefile
index 5f887d677..c63608b6e 100644
--- a/package/crda/Makefile
+++ b/package/crda/Makefile
@@ -21,10 +21,7 @@ PKGFD_WITH_UDEV:=	install shipped udev rules
 PKGFS_WITH_UDEV:=	udev
 PKGFB_WITH_UDEV:=	eudev
 
-PKG_CHOICES_CRDA:=	WITH_LIBRESSL WITH_OPENSSL WITH_GCRYPT
-PKGCD_WITH_OPENSSL:=	ssl support via openssl library
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
+PKG_CHOICES_CRDA:=	WITH_LIBRESSL WITH_GCRYPT
 PKGCD_WITH_LIBRESSL:=	ssl support via libressl library
 PKGCB_WITH_LIBRESSL:=	libressl
 PKGCS_WITH_LIBRESSL:=	libressl
@@ -39,7 +36,7 @@ $(eval $(call PKG_template,CRDA,crda,$(PKG_VERSION)-$(PKG_RELEASE),$(PKG_DEPENDS
 CONFIG_STYLE:=		manual
 ALL_TARGET:=		all_noverify
 
-ifneq ($(ADK_PACKAGE_CRDA_WITH_OPENSSL)$(ADK_PACKAGE_CRDA_WITH_LIBRESSL),)
+ifneq ($(ADK_PACKAGE_CRDA_WITH_LIBRESSL),)
 XAKE_FLAGS+=		USE_OPENSSL=1
 endif
 
diff --git a/package/cryptodev-linux/Makefile b/package/cryptodev-linux/Makefile
index 6998ac1a1..cb3c76085 100644
--- a/package/cryptodev-linux/Makefile
+++ b/package/cryptodev-linux/Makefile
@@ -9,18 +9,12 @@ PKG_RELEASE:=		1
 PKG_HASH:=		67fabde9fb67b286a96c4f45b594b0eccd0f761b495705c18f2ae9461b831376
 PKG_DESCR:=		device that allows access to kernel cryptographic drivers
 PKG_SECTION:=		app/crypto
+PKG_DEPENDS:=		libressl
+PKG_BUILDDEP:=		libressl
 PKG_KDEPENDS:=		crypto-aead crypto-algapi crypto-manager
 PKG_URL:=		http://home.gna.org/cryptodev-linux/
 PKG_SITES:=		http://download.gna.org/cryptodev-linux/
 
-PKG_CHOICES_CRYPTODEV_LINUX:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
-
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 
 include $(ADK_TOPDIR)/mk/package.mk
diff --git a/package/ctorrent/Makefile b/package/ctorrent/Makefile
index ea4f1d040..eadf6779b 100755
--- a/package/ctorrent/Makefile
+++ b/package/ctorrent/Makefile
@@ -9,20 +9,14 @@ PKG_RELEASE:=		2
 PKG_HASH:=		c87366c91475931f75b924119580abd06a7b3cb3f00fef47346552cab1e24863
 PKG_DESCR:=		console-based bittorrent client
 PKG_SECTION:=		app/p2p
+PKG_DEPENDS:=		libressl
+PKG_BUILDDEP:=		libressl
 PKG_NEEDS:=		c++
 PKG_URL:=		http://www.rahul.net/dholmes/ctorrent
 PKG_SITES:=		${MASTER_SITE_SOURCEFORGE:=dtorrent/}
 
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 
-PKG_CHOICES_CTORRENT:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
-
 include ${ADK_TOPDIR}/mk/package.mk
 
 $(eval $(call PKG_template,CTORRENT,ctorrent,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
diff --git a/package/curl/Makefile b/package/curl/Makefile
index 803bc57dd..776130f1e 100644
--- a/package/curl/Makefile
+++ b/package/curl/Makefile
@@ -27,20 +27,17 @@ PKGSS_LIBCURL:=		zlib
 PKG_FLAVOURS_CURL:=	WITH_IPV6
 PKGFD_WITH_IPV6:=	enable ipv6 support
 
-PKG_CHOICES_CURL:=	WITHOUT_SSL WITH_LIBRESSL WITH_GNUTLS WITH_OPENSSL WITH_WOLFSSL
-PKGCD_WITHOUT_SSL:=	use no ssl
+PKG_CHOICES_CURL:=	WITH_LIBRESSL WITH_GNUTLS WITH_WOLFSSL WITHOUT_SSL
 PKGCD_WITH_LIBRESSL:=	use libressl for crypto
 PKGCS_WITH_LIBRESSL:=	libressl ca-certificates libgmp
 PKGCB_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCS_WITH_OPENSSL:=	libopenssl ca-certificates libgmp
-PKGCB_WITH_OPENSSL:=	openssl
 PKGCD_WITH_GNUTLS:=	use gnutls for crypto
 PKGCS_WITH_GNUTLS:=	libgnutls ca-certificates libgmp
 PKGCB_WITH_GNUTLS:=	gnutls
 PKGCD_WITH_WOLFSSL:=	use wolfssl for crypto
 PKGCS_WITH_WOLFSSL:=	wolfssl ca-certificates
 PKGCB_WITH_WOLFSSL:=	wolfssl
+PKGCD_WITHOUT_SSL:=	use no ssl
 
 include ${ADK_TOPDIR}/mk/host.mk
 include ${ADK_TOPDIR}/mk/package.mk
@@ -49,12 +46,7 @@ $(eval $(call HOST_template,CURL,curl,${PKG_VERSION}-${PKG_RELEASE}))
 $(eval $(call PKG_template,CURL,curl,${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION}))
 $(eval $(call PKG_template,LIBCURL,libcurl,${PKG_VERSION}-${PKG_RELEASE},${PKGSS_LIBCURL},${PKGSD_LIBCURL},${PKGSC_LIBCURL},${PKG_OPTS}))
 
-ifeq (${ADK_PACKAGE_CURL_WITHOUT_SSL},y)
-CONFIGURE_ARGS+=	--without-ssl \
-			--without-gnutls \
-			--without-axtls
-endif
-ifeq (${ADK_PACKAGE_CURL_WITH_OPENSSL},y)
+ifeq (${ADK_PACKAGE_CURL_WITH_LIBRESSL},y)
 CONFIGURE_ARGS+=	--with-ssl="${STAGING_TARGET_DIR}/usr" \
 			--without-gnutls \
 			--without-axtls
@@ -70,6 +62,11 @@ CONFIGURE_ARGS+=	--with-cyassl="${STAGING_TARGET_DIR}/usr" \
 			--without-gnutls \
 			--without-axtls
 endif
+ifeq (${ADK_PACKAGE_CURL_WITHOUT_SSL},y)
+CONFIGURE_ARGS+=	--without-ssl \
+			--without-gnutls \
+			--without-axtls
+endif
 
 CONFIGURE_ENV+=		curl_typeof_curl_socklen_t=socklen_t
 CONFIGURE_ARGS+=	--enable-cookies \
diff --git a/package/cyrus-sasl/Makefile b/package/cyrus-sasl/Makefile
index 111f9d962..a761f2e59 100644
--- a/package/cyrus-sasl/Makefile
+++ b/package/cyrus-sasl/Makefile
@@ -9,20 +9,14 @@ PKG_RELEASE:=		2
 PKG_HASH:=		8fbc5136512b59bb793657f36fadda6359cae3b08f01fd16b3d406f1345b7bc3
 PKG_DESCR:=		general purpose authentication library
 PKG_SECTION:=		libs/crypto
+PKG_DEPENDS:=		libressl
+PKG_BUILDDEP:=		libressl
 PKG_URL:=		http://cyrusimap.org/
 PKG_SITES:=		ftp://ftp.cyrusimap.org/cyrus-sasl/
-PKG_NOPARALLEL:=	1
 PKG_LIBNAME:=		libsasl2
 PKG_OPTS:=		dev
 
-PKG_CHOICES_CYRUS_SASL:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
-
+PKG_NOPARALLEL:=	1
 
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 
diff --git a/package/dillo/Makefile b/package/dillo/Makefile
index df38efc1e..ecf4954d4 100644
--- a/package/dillo/Makefile
+++ b/package/dillo/Makefile
@@ -9,20 +9,12 @@ PKG_RELEASE:=		1
 PKG_HASH:=		db1be16c1c5842ebe07b419aa7c6ef11a45603a75df2877f99635f4f8345148b
 PKG_DESCR:=		small graphical web browser
 PKG_SECTION:=		x11/apps
-PKG_DEPENDS:=		libfltk libxi libpng zlib libjpeg-turbo
-PKG_BUILDDEP:=		fltk libXi libjpeg-turbo libpng zlib
+PKG_DEPENDS:=		libfltk libxi libpng zlib libjpeg-turbo libressl
+PKG_BUILDDEP:=		fltk libXi libjpeg-turbo libpng zlib libressl
 PKG_NEEDS:=		threads cxx
 PKG_URL:=		http://www.dillo.org/
 PKG_SITES:=		http://www.dillo.org/download/
 
-PKG_CHOICES_DILLO:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
-
 PKG_HOST_DEPENDS:=	!cygwin
 PKG_ARCH_DEPENDS:=	x86 x86_64 mips arm
 
diff --git a/package/dovecot/Makefile b/package/dovecot/Makefile
index e39a25b78..18d8d25c0 100644
--- a/package/dovecot/Makefile
+++ b/package/dovecot/Makefile
@@ -9,17 +9,11 @@ PKG_RELEASE:=		1
 PKG_HASH:=		d8d9f32c846397f7c22749a84c5cf6f59c55ff7ded3dc9f07749a255182f9667
 PKG_DESCR:=		minimal and secure imap server
 PKG_SECTION:=		net/mail
+PKG_DEPENDS:=		libressl
+PKG_BUILDDEP:=		libressl
 PKG_URL:=		http://www.dovecot.org/
 PKG_SITES:=		http://www.dovecot.org/releases/2.2/
 
-PKG_CHOICES_DOVECOT:=	WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITH_LIBRESSL:=	use libressl for crypto
-PKGCB_WITH_LIBRESSL:=	libressl
-PKGCS_WITH_LIBRESSL:=	libressl
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl
-
 DISTFILES:=		$(PKG_NAME)-$(PKG_VERSION).tar.gz
 
 include $(ADK_TOPDIR)/mk/package.mk
diff --git a/package/elinks/Makefile b/package/elinks/Makefile
index 5e7f0b719..23d5c25fd 100644
--- a/package/elinks/Makefile
+++ b/package/elinks/Makefile
@@ -11,6 +11,7 @@ PKG_DESCR:=		advanced text web browser
 PKG_SECTION:=		app/browser
 PKG_URL:=		http://elinks.or.cz/
 PKG_SITES:=		http://elinks.or.cz/download/
+
 PKG_NOPARALLEL:=	1
 
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
@@ -18,14 +19,11 @@ DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 PKG_FLAVOURS_ELINKS:=	WITH_IPV6
 PKGFD_WITH_IPV6:=	enable IPv6 support
 
-PKG_CHOICES_ELINKS:=	WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:=	use no ssl
+PKG_CHOICES_ELINKS:=	WITH_LIBRESSL WITHOUT_SSL
 PKGCD_WITH_LIBRESSL:=	use libressl for crypto
 PKGCB_WITH_LIBRESSL:=	libressl
 PKGCS_WITH_LIBRESSL:=	libressl ca-certificates
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:=	use no ssl
 
 include ${ADK_TOPDIR}/mk/package.mk
 
@@ -63,9 +61,6 @@ else
 CONFIGURE_ARGS+=	--disable-ipv6
 endif
 
-ifeq ($(ADK_PACKAGE_ELINKS_WITH_OPENSSL),y)
-CONFIGURE_ARGS+=	--with-openssl='${STAGING_TARGET_DIR}/usr'
-endif
 ifeq ($(ADK_PACKAGE_ELINKS_WITH_LIBRESSL),y)
 CONFIGURE_ARGS+=	--with-openssl='${STAGING_TARGET_DIR}/usr'
 endif
diff --git a/package/elinks/patches/patch-src_network_ssl_ssl_c b/package/elinks/patches/patch-src_network_ssl_ssl_c
new file mode 100644
index 000000000..f55f43ba4
--- /dev/null
+++ b/package/elinks/patches/patch-src_network_ssl_ssl_c
@@ -0,0 +1,16 @@
+--- elinks-0.11.7.orig/src/network/ssl/ssl.c	2009-08-22 13:15:08.000000000 +0200
++++ elinks-0.11.7/src/network/ssl/ssl.c	2016-09-30 18:47:20.022831750 +0200
+@@ -49,11 +49,8 @@ init_openssl(struct module *module)
+ 	 * cannot initialize the PRNG and so every attempt to use SSL fails.
+ 	 * It's actually an OpenSSL FAQ, and according to them, it's up to the
+ 	 * application coders to seed the RNG. -- William Yodlowsky */
+-	if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) {
+-		/* Not an EGD, so read and write to it */
+-		if (RAND_load_file(f_randfile, -1))
+-			RAND_write_file(f_randfile);
+-	}
++	if (RAND_load_fi