From: Tim <timh@dirtymonday.net>
Subject: Trying to install Apache 2.4 with OpenSSL 1.1 instead of LibreSSL
To: "ports@openbsd.org" <ports@openbsd.org>
Date: Fri, 26 Jan 2024 14:11:52 -0800

I'm trying to troubleshoot an issue where Chrome/Chromium browsers
randomly fail to correctly use SSL against my web server.

So I am trying to compile and install an apache-http port with OpenSSL 1.1
library instead of LibreSSL.

I have managed to compile and install this customer port, however, I
don't know if I ultimately succeeded because when it starts it still
says this in the log file:

[Fri Jan 26 14:02:57.131803 2024] [mpm_prefork:notice] [pid 67010] AH00163: Apache/2.4.58 (Unix) LibreSSL/3.8.2 configured -- resuming normal operations

Is this message wrong?  Or am I still ending up with an Apache2
compiled against LibreSSL instead of OpenSSL?

This is the Makefile diff I am using:

--- Makefile.orig       Thu Jan 25 10:26:20 2024
+++ Makefile    Fri Jan 26 13:44:57 2024
@@ -3,7 +3,7 @@
 V=                     2.4.58
 DISTNAME=              httpd-${V}
 PKGNAME=               apache-httpd-${V}
-REVISION=              0
+REVISION=              1
 
 CATEGORIES=            www net
 
@@ -17,9 +17,10 @@
 COMPILER=              base-clang ports-gcc
 COMPILER_LANGS=                c
 
-WANTLIB += apr-1 aprutil-1 brotlicommon brotlienc c crypto curl
-WANTLIB += db expat iconv jansson lzma m nghttp2 pcre2-8 pthread ssl
+WANTLIB += apr-1 aprutil-1 brotlicommon brotlienc c curl
+WANTLIB += db expat iconv jansson lzma m nghttp2 pcre2-8 pthread
 WANTLIB += xml2 z
+WANTLIB += lib/eopenssl11/crypto lib/eopenssl11/ssl
 
 SITES=                 ${SITE_APACHE:=httpd/}
 
@@ -31,7 +32,8 @@
                        devel/pcre2 \
                        net/curl \
                        textproc/libxml \
-                       www/nghttp2
+                       www/nghttp2 \
+                       security/openssl/1.1
 
 HTTPD_DIR=             /var/www
 CONFDIR=               ${SYSCONFDIR}/apache2
@@ -68,8 +70,10 @@
                        --with-suexec-caller=www \
                        --with-suexec-logfile=${LOCALSTATEDIR}/log/suexec2_log
 
-CONFIGURE_ENV=         CPPFLAGS="-I${LOCALBASE}/include" \
-                       LDFLAGS="-L${LOCALBASE}/lib" \
+#CONFIGURE_ENV=                CPPFLAGS="-I${LOCALBASE}/include" \
+#                      LDFLAGS="-L${LOCALBASE}/lib" \
+CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include/eopenssl11/openssl" \
+               LDFLAGS="-L${LOCALBASE}/lib/eopenssl11 -Wl,-rpath,${LOCALBASE}/lib/eopenssl11" \
                        AWK=awk \
                        GREP=grep \
                        ac_cv_func_ENGINE_init=no \