Resolve contradiction between BROKEN_SSL=openssl and advice to add
DEFAULT_VERSIONS+=ssl=openssl to /etc/make.conf as a workaround. Squid 3.5 requires pre-1.1 versions of OpenSSL, and that can be only satisfied by the base system on 11.x versions of FreeBSD; doing the DEFAULT_VERSIONS+=ssl=openssl would not work. Unfortunately, making proper conversion from CRYPTO_LOCK_SSL_* to new multi-threading API does not look feasible. Fortunately, LibreSSL could be used as a drop-in replacement. That said, change the advice to use DEFAULT_VERSIONS+=ssl=libressl instead, and add a couple of minor patches to unbreak the build.