add makefile.bsd-wrapper

13 files changed, 1842 insertions, 653 deletions

diff --git a/usr.sbin/httpd/ABOUT_APACHE b/usr.sbin/httpd/ABOUT_APACHE
index 8f54e59e8de..0a3e114be83 100644
--- a/usr.sbin/httpd/ABOUT_APACHE
+++ b/usr.sbin/httpd/ABOUT_APACHE
@@ -3,7 +3,7 @@
 
                          http://www.apache.org/
 
-                             September 1998
+                              February 1999
 
 The Apache Project is a collaborative software development effort aimed
 at creating a robust, commercial-grade, featureful, and freely-available
@@ -65,31 +65,34 @@ December 1, 1995.
 Less than a year after the group was formed, the Apache server passed
 NCSA's httpd as the #1 server on the Internet.
 
+The survey by Netcraft (http://www.netcraft.com/survey/) shows that Apache
+is today more widely used than all other web servers combined.
+
  ============================================================================
 
-Current Apache Group in alphabetical order as of 23 September 1998:
+Current Apache Group in alphabetical order as of 14 February 1999:
 
-   Brian Behlendorf       Organic Online, California 
+   Brian Behlendorf       O'Reilly and Associates, California 
    Ken Coar               IBM Corporation, Research Triangle Park, NC, USA
    Mark J. Cox            C2Net Europe, UK 
-   Lars Eilebrecht        Kreuztal, Germany 
+   Lars Eilebrecht        Cable & Wireless ECRC, Munich, Germany 
    Ralf S. Engelschall    Munich, Germany.
    Roy T. Fielding        UC Irvine, California 
-   Dean Gaudet            Transmeta Corporation, California 
+   Dean Gaudet            Critical Path, California 
    Rob Hartill            Internet Movie DB, UK 
    Ben Hyde               Gensym, Massachusetts
    Jim Jagielski          jaguNET ISP, Maryland 
    Alexei Kosut           Stanford University, California 
    Martin Kraemer         Munich, Germany
    Ben Laurie             Freelance Consultant, UK 
-   Doug MacEachern        Freelance Consultant, Summer Seasons, Earth
+   Doug MacEachern        Critical Path, California
    Aram W. Mirzadeh       Qosina Corporation, New York 
    Sameer Parekh          C2Net, California 
-   Marc Slemko            Canada 
    Cliff Skolnick         Freelance, California
+   Marc Slemko            Canada 
    Bill Stoddard          IBM Corp., Research Triangle Park, NC
    Paul Sutton            C2Net Europe, UK 
-   Randy Terbush          Zyzzyva ISP, Nebraska 
+   Randy Terbush          Covalent Technologies, Nebraska 
    Dirk-Willem van Gulik  Freelance Consultant, Italy 
 
 Apache Emeritae (old group members now off doing other things)
@@ -101,13 +104,15 @@ Apache Emeritae (old group members now off doing other things)
    
 Other major contributors
 
-   Rob McCool (original author of the NCSA httpd),
+   Howard Fear (mod_include), Florent Guillaume (language negotiation),
+   Koen Holtman (rewrite of mod_negotiation),
+   Kevin Hughes (creator of all those nifty icons),
+   Rasmus Lerdorf (mod_info, mod_php, mod_php3),
    Brandon Long and Beth Frank (NCSA Server Development Team, post-1.3),
+   Ambarish Malpani (Beginning of the NT port),
+   Rob McCool (original author of the NCSA httpd 1.3),
    Paul Richards (convinced the group to use remote CVS after 1.0),
-   Kevin Hughes (creator of all those nifty icons),
-   Henry Spencer (author of the regex library), Garey Smiley (OS/2 port),
-   Howard Fear (mod_include), Florent Guillaume (language negotiation), 
-   Ambarish Malpani (NT port).
+   Garey Smiley (OS/2 port), Henry Spencer (author of the regex library).
 
 Many 3rd-party modules, frequently used and recommended, are also
 freely-available and linked from the related projects page:
@@ -233,5 +238,3 @@ Thanks for using Apache!
 
  ============================================================================
 Roy Fielding, June 1997
-
-If you are interested in other WWW history, see <http://www.webhistory.org/>
diff --git a/usr.sbin/httpd/Announcement b/usr.sbin/httpd/Announcement
index b04612e632b..4c9996294e0 100644
--- a/usr.sbin/httpd/Announcement
+++ b/usr.sbin/httpd/Announcement
@@ -1,39 +1,73 @@
-Apache 1.3.4 Released
+Apache 1.3.6 Released
 =====================
 
 The Apache Group is pleased to announce the release of version
-1.3.4 of the Apache HTTP server.
-
-This new Apache version incorporates over 90 significant improvements
-to the server, including avoidance of some denial-of-service attacks,
-support for 3rd-party WebDAV modules, a complete overhaul of content
-negotiation, optional column sorting for fancy indexes, the ability to
-set a DefaultLanguage, and many fixes to improve consistency, portability,
-and squish bugs.  A complete listing is provided in the src/CHANGES file.
-
-Of special note are the many changes to the Apache configuration process.
-The default path layout generated by the "configure" script has been
-changed to be more consistent with the traditional Apache layout, and
-several new command-line options have been added to make compilation
-easier.  Please see the README.configure and INSTALL files for complete
-information.  In addition, we have moved all of the server configuration
-directives to a single file (httpd.conf-dist), updated mime.types, and
-improved the examples for first-time installers.  Finally, a few of the
-rarely-used command-line options for httpd have been changed to be more
-consistent with the help options of other programs.
-
-We consider Apache 1.3.4 to be the best version of Apache available and
+1.3.6 of the Apache HTTP server.
+
+This new Apache version incorporates over 60 significant improvements
+to the server.  Apart from portability and security fixes, documentation
+enhancements, performance improvements, and assorted other minor
+features or fixes notable changes are:
+
+ - mod_log_config now supports conditional logging based upon
+   environment variables and support for multiline entries.
+
+ - New CustomLog directive %V: This logs the hostname according to the
+   UseCanonicalName setting (this is the pre-1.3.4 behaviour of %v).
+
+ - Enhanced mod_rewrite's mapfile handling: The in-core cache for text
+   and DBM format mapfiles now uses a hash table with LRU functionality.
+   Furthermore map lookups for non-existent keys are now cached as well.
+   The changes drastically improve the performance when large rewrite
+   maps are in use.
+
+ - Ability to handle DES or MD5 authentication passwords.
+ 
+ - New <LimitExcept> directive to allow the user to assign authentication
+   control to any HTTP method that is *not* given in the argument list;
+   i.e., the logical negation of the <Limit> directive.
+ 
+ - Improved content negotiation.
+ 
+ - New ScriptInterpreterSource directive to enable searching the
+   Win32 registry for script interpreters.
+ 
+ - The FAQ document was reorganised.
+ 
+ - Overhauled ApacheBench benchmark program.
+ 
+ - Several new API functions have been added.
+
+A complete listing with detailed descriptions is provided in the
+src/CHANGES file.
+
+We consider Apache 1.3.6 to be the best version of Apache available and
 we strongly recommend that users of older versions, especially of the
 1.1.x and 1.2.x family, upgrade as soon as possible.  No further releases
 will be made in the 1.2.x family.
 
-Apache 1.3.4 is available for download from
+
+Apache 1.3.6 is available for download from
 
     http://www.apache.org/dist/
 
 Please see the CHANGES_1.3 file in the same directory for a full
-list of changes.  The distribution is also available via any of
-the mirrors listed at
+list of changes.
+
+Binary distributions are available from
+
+   http://www.apache.org/dist/binaries/
+
+As of Apache 1.3.6 binary distributions contain all standard Apache
+modules as shared objects (if supported by the platform) and include
+full source code.  Installation is easily done by executing the
+included install script.  See the README.bindist and INSTALL.bindist
+files for a complete explanation.  Please note that the binary
+distributions are only provided for your convenience and current
+distributions for specific platforms are not always available.
+
+The source and binary distributions are also available via any of the
+mirrors listed at
 
     http://www.apache.org/mirrors/
 
@@ -43,8 +77,8 @@ For an overview of new features in 1.3 please see
 
 In general, Apache 1.3 offers several substantial improvements
 over version 1.2, including better performance, reliability and a
-wider range of supported platforms, including Windows 95 and NT
-(which both fall under the "Win32" label).
+wider range of supported platforms, including Windows 95/98 and NT
+(which fall under the "Win32" label).
 
 Apache is the most popular web server in the known universe; over
 half of the servers on the Internet are running Apache or one of
diff --git a/usr.sbin/httpd/INSTALL b/usr.sbin/httpd/INSTALL
index 520d752fcd4..6e79938e247 100644
--- a/usr.sbin/httpd/INSTALL
+++ b/usr.sbin/httpd/INSTALL
@@ -1,5 +1,5 @@
 
-  A P A C H E   I N S T A L L A T I O N
+  APACHE INSTALLATION
 
   NOTE: Windows users please read the documents README.NT and
         http://www.apache.org/docs/windows.html, (or the
@@ -29,7 +29,7 @@
      $ ./configure --prefix=PREFIX
      $ make
      $ make install
-     $ PREFIX/sbin/apachectl start
+     $ PREFIX/bin/apachectl start
 
      NOTE: PREFIX is not the string "PREFIX". Instead use the Unix
            filesystem path under which Apache should be installed. For
@@ -76,14 +76,14 @@
         under all operating systems therefore you cannot use the DSO mechanism
         on all platforms. And Apache currently has only limited built-in
         knowledge on how to compile shared objects because this is heavily
-        platform-dependend. The current state is this:
+        platform-dependent. The current state is this:
 
         o Out-of-the-box supported platforms are:
-           - Linux     - SunOS         - UnixWare    
-           - FreeBSD   - Solaris       - AIX         
-           - OpenBSD   - IRIX          - SCO         
-           - NetBSD    - HPUX        
-           - BSDI      - Digital Unix
+           - Linux     - SunOS         - UnixWare     - Mac OS X Server
+           - FreeBSD   - Solaris       - AIX          - Mac OS
+           - OpenBSD   - IRIX          - SCO          - OpenStep/Mach
+           - NetBSD    - HPUX          - ReliantUNIX  - DYNIX/ptx
+           - BSDI      - Digital Unix  - DGUX
 
         o Entirely unsupported platforms are:
            - Ultrix
@@ -159,6 +159,7 @@
                              [--with-perl=FILE]        [--suexec-uidmin=UID]
                              [--without-support]       [--suexec-gidmin=GID]
                              [--without-confadjust]    [--suexec-safepath=PATH]
+                             [--without-execstrip]
 
      Use the CC, OPTIM, CFLAGS, INCLUDES, LDFLAGS, LIBS, CFLAGS_SHLIB,
      LD_SHLIB, LDFLAGS_SHLIB, LDFLAGS_SHLIB_EXPORT, RANLIB, DEPS and TARGET
@@ -238,14 +239,15 @@
      to automatically include a simple third-party module to the Apache build
      process.
  
-     Use the --activate-module=FILE option to on-the-fly add an entry for an
-     existing module source file in the configuration file. FILE has to be a
-     valid path under src/modules/ of the Apache source tree, i.e. it already
-     has to be copied to this location before.  The module is automatically
-     enabled. Use this option to automatically include a complex third-party
-     module to the Apache build process where, for instance a module like
-     mod_perl or mod_php3 consisting of more than one file which are created by
-     a third-party configuration scheme.
+     Use the --activate-module=FILE option to add an entry for an existing
+     module source file into the configuration file on-the-fly. FILE has to be
+     a valid path beginning with "src/modules/", and the file has to have been
+     copied to this location in the Apache source tree before running
+     configure.  The module is automatically enabled. Use this option to
+     automatically include a complex third-party module to the Apache build
+     process where, for instance a module like mod_perl or mod_php3 consisting
+     of more than one file which are created by a third-party configuration
+     scheme.
  
      Use the --enable-module=NAME and --disable-module=NAME options to enable
      or disable a particular already distributed module from the Apache
@@ -324,7 +326,7 @@
      this way implicitly enables them itself). 
      
          Note 1: The --enable-shared option DOES NOT AUTOMATICALLY enable the
-                 module because there are variants like `--enable-shared=all'
+                 module because there are variants like `--enable-shared=max'
                  which should not imply `--enable-module=all'.  
 
          Note 2: Per default the DSO mechanism is globally disabled, i.e. no
@@ -369,6 +371,11 @@
      user/situation dependent adjustments to the config files (Group, Port,
      ServerAdmin, ServerName, etc.).  This is usually only interesting for
      vendor package maintainers who wants to force the keeping of defaults.
+
+     Use the --without-execstrip option to disable the stripping of
+     executables on installation. This can be important on some platforms in
+     combination with --enable-rule=SHARED_CORE or when Apache was built with
+     debugging symbols which shouldn't be lost.
  
      Use the --enable-suexec option to enable the suEXEC feature by building
      and installing the "suexec" support program. Use --suexec-caller=UID to
@@ -450,7 +457,7 @@
  
      Now you can fire up your Apache HTTP server by immediately running
  
-        $ PREFIX/sbin/apachectl start
+        $ PREFIX/bin/apachectl start
  
      and then you should be able to request your first document via URL
      http://localhost/ (when you built and installed Apache as root or at
@@ -458,7 +465,7 @@
      (when you built and installed Apache as a regular user). Then stop the
      server again by running: 
 
-        $ PREFIX/sbin/apachectl stop
+        $ PREFIX/bin/apachectl stop
  
   7. Customizing the package
      -----------------------
diff --git a/usr.sbin/httpd/INSTALL.SSL b/usr.sbin/httpd/INSTALL.SSL
index 0ab461329db..39e845aed37 100644
--- a/usr.sbin/httpd/INSTALL.SSL
+++ b/usr.sbin/httpd/INSTALL.SSL
@@ -1,8 +1,8 @@
                        _             _ 
-   _ __ ___   ___   __| |    ___ ___| |  
-  | '_ ` _ \ / _ \ / _` |   / __/ __| |  
-  | | | | | | (_) | (_| |   \__ \__ \ |  mod_ssl - Apache Interface to SSLeay  
-  |_| |_| |_|\___/ \__,_|___|___/___/_|  http://www.engelschall.com/sw/mod_ssl/
+   _ __ ___   ___   __| |    ___ ___| |  mod_ssl
+  | '_ ` _ \ / _ \ / _` |   / __/ __| |  Apache Interface to OpenSSL
+  | | | | | | (_) | (_| |   \__ \__ \ |  www.modssl.org
+  |_| |_| |_|\___/ \__,_|___|___/___/_|  ftp.modssl.org
                        |_____|         
   _____________________________________________________________________________
   
@@ -23,73 +23,86 @@
   Prerequisites
   _____________
 
-  To use mod_ssl you need at least the following two packages:
+  To use mod_ssl you need the following packages:
 
    o  Package:      Apache 
       Version:      1.3.x
-      Description:  Apache Group HTTP Server
+      Description:  The Apache Group HTTP Server
+      Reason:       The webserver base package on which all is based
       Homepage:     http://www.apache.org/
       Distribution: ftp://ftp.apache.org/apache/dist/
       Tarball:      apache_1.3.x.tar.gz
       Location:     SF, USA
       Author(s):    The Apache Group <apache@apache.org>
+      Type:         MANDATORY
 
    o  Package:      mod_ssl
-      Version:      2.2.x
-      Description:  Apache Interface to SSLeay
-      Homepage:     http://www.engelschall.com/sw/mod_ssl/
-      Distribution: ftp://ftp.engelschall.com/sw/mod_ssl/
-      Tarball:      mod_ssl-2.2.x-1.3.x.tar.gz
+      Version:      2.4.x
+      Description:  The Apache Interface to OpenSSL
+      Reason:       The interface module for Apache
+      Homepage:     http://www.modssl.org/
+      Distribution: ftp://ftp.modssl.org/source/
+      Tarball:      mod_ssl-2.4.x-1.3.x.tar.gz
       Location:     Zurich, Switzerland, Europe
       Author(s):    Ralf S. Engelschall <rse@engelschall.com>
+      Type:         MANDATORY
 
-  If you have the SSLeay package not already installed on your system you
-  additionally need the following package:
-
-   o  Package:      SSLeay
+   o  Package:      OpenSSL
       Version:      0.9.x
-      Description:  SSL Toolkit 
-      Homepage:     http://www.ssleay.org/
-      Distribution: ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/
-      Tarball:      SSLeay-0.9.x.tar.gz
-      Location:     Brisbane, Australia
-      Author(s):    Eric A. Young <eay@cryptsoft.com>
-                    Tim J. Hudson <tjh@cryptsoft.com>
-
-  And if you're an US-citizen then you usually need (because of patent
-  legalities; but check your personal organisation situation first because
-  there are exceptions) also the following package in conjunction with SSLeay:
+      Description:  The Open Source Toolkit for SSL/TLS
+      Reason:       The library which implements SSL/TLS
+      Homepage:     http://www.openssl.org/
+      Distribution: ftp://ftp.openssl.org/source/
+      Tarball:      openssl-0.9.x.tar.gz
+      Location:     Zurich, Switzerland, Europe
+      Author(s):    The OpenSSL Project <openssl@openssl.org>
+      Type:         MANDATORY 
 
    o  Package:      RSAref
       Version:      2.0
       Description:  RSA Reference Implementation
+      Reason:       Deprecated RSA library for US citizens
       Homepage:     -
-      Distribution: ftp://ftp.rsa.com/rsaref/ (read the README file there!)
+      Distribution: ftp://ftp.replay.com/pub/crypto/crypto/LIBS/rsa/
                     ftp://utopia.hacktic.nl/pub/replay/pub/crypto/LIBS/rsa/
+                    Or ask http://ftpsearch.lycos.com/ for "rsaref20.tar.Z" !!
       Tarball:      rsaref20.tar.Z
-      Location:     USA
+      Location:     Netherlands (because no longer distributed by RSA DSI)
       Author(s):    RSA DSI
-
-  Finally you need the following auxiliary packages already installed (GZip
-  for unpacking the above tarballs and Perl when configuring SSLeay):
+      Type:         OPTIONAL (only mandatory for US-citizens)
+
+   o  Package:      MM
+      Version:      1.0.x
+      Description:  Shared Memory Library
+      Reason:       The portable library for shared memory in Apache/EAPI
+      Homepage:     http://www.engelschall.com/sw/mm/
+      Distribution: http://www.engelschall.com/sw/mm/
+      Tarball:      mm-1.0.x.tar.gz
+      Location:     Zurich, Switzerland, Europe
+      Author(s):    Ralf S. Engelschall <rse@engelschall.com>
+      Type:         OPTIONAL
 
    o  Package:      GZip
       Version:      1.2.4
       Description:  The compression utility
+      Reason:       To unpack the above tarballs
       Homepage:     http://www.gnu.org/
       Distribution: ftp://ftp.gnu.org/pub/gnu/
       Tarball:      gzip-1.2.4.tar.Z
       Location:     USA
       Author(s):    Free Software Foundation (FSF)
+      Type:         MANDATORY
  
    o  Package:      Perl
       Version:      5.004 or 5.005
       Description:  The Practical Extraction and Reporting Language
+      Reason:       To configure OpenSSL and for APXS tool in Apache
       Homepage:     http://www.perl.com/
       Distribution: http://www.perl.com/CPAN/src/
       Tarball:      perl5.00x.tar.gz
       Location:     USA
       Author(s):    Larry Wall
+      Type:         MANDATORY
 
   Installation
   ____________
@@ -105,89 +118,111 @@
   OPTIONAL .. Command is optional and not really needed
 
   Now follow these steps:
-
-   1. Make sure GZip and Perl are already installed and available through the
-      commands `gzip' and `perl' They are needed for unpacking the tarballs
-      and for configuring SSLeay.
-
-   2. Extract the required packages:
-
-      $ gzip -d -c apache_1.3.x.tar.gz | tar xvf -                         ALL
-      $ gzip -d -c mod_ssl-2.2.x-1.3.x.tar.gz | tar xvf -                  ALL
-      $ gzip -d -c SSLeay-0.9.x.tar.gz | tar xvf -                         ALL
-
-      $ mkdir rsaref-2.0                                                    US
-      $ (cd rsaref-2.0; gzip -d -c ../rsaref20.tar.Z | tar xvf -)           US
-
-   3. Configure and build the SSLeay library: 
-      (When you're an US-citizen you have to build SSLeay in conjunction with
-      the RSAref library. Others can ignore the first six commands, of course)
-
-      $ cd rsaref-2.0
-      $ cp -rp install/unix local                                           US
-      $ cd local                                                            US
-      $ make                                                                US
-      $ mv rsaref.a librsaref.a                                             US
-      $ cd ../..                                                            US
-
-      NOTE: RSAref has some portability problems. Especially it assumes that
-            an `unsigned long int' represents a four byte word. One result of
-            this bad assumption is that it fails under run-time (not
-            compile-time) on platforms/CPUs, like Alphas, where larger integer
-            sizes are used by the compiler. For instance when mod_ssl's `make
-            certificate' command hangs, you get memory faults or Apache hangs
-            when connecting to it through HTTPS, this all indicates that you
-            ran into this portability problem.  The solution is to replace the
-            `typedef unsigned long int UINT4' in rsaref-2.0/source/global.h,
-            line 26. The best is to use `typedef u_int32_t UINT4' when
-            `u_int32_t' is defined by your vendor include files. If not try to
-            use a standard type which is four bytes in length on your
-            platform, e.g. on Alphas `typedef unsigned int UINT4' works.
-
-      $ cd SSLeay-0.9.x                                                    ALL
-      $ make -f Makefile.ssl links                                         ALL
-      $ perl ./Configure gcc \                                             ALL
-             -DNO_IDEA \                                                    EU
-             -DRSAref -lRSAglue -L`pwd`/../rsaref-2.0/local/ -lrsaref       US
-      $ cp rsaref/rsaref.h include/                                         US
-      $ make                                                               ALL
-      $ make test                                                     OPTIONAL
-      $ cd ..                                                              ALL
-
-      NOTE: SSLeay understands a lot more options on the `Configure'
-            command line. For instance you can (AND SHOULD!) replace the
-            generic `gcc' with your platform name (run `perl Configure'
-            without arguments to see a list of supported platforms) to get
-            maximum performance (because on some platforms assembler routines
-            are used instead of C variants) and platform correctness (some
-            platforms don't work with the generic `gcc' build variant).
-            Additionally you can add some command line options (like
-            `-DSSL_ALLOW_ENULL' for allowing Null encryptions, etc) to adjust
-            the SSLeay internals (see SSLeay's Makefile for details).
-
-      NOTE: When your system already has SSLeay installed (for instance some
-            Linux distributions ship with SSLeay installed out-of-the-box) in
-            system locations you can ignore the SSLeay steps above, too.  Then
-            use `SSL_BASE=SYSTEM' instead of `SSL_BASE=../SSLeay-0.9.0b'
-            below.
-
-      NOTE: When your system already has RSAref installed in system locations
-            you can ignore the RSAref-related steps above and then use
-            `RSAREF_BASE=SYSTEM' instead of `RSAREF_BASE=../rsaref-2.0/local'
-            above.
-
-      NOTE: You are STRONGLY ADVISES to use SSLeay 0.9.x and not any
-            0.8.x version. Because although Apache/mod_ssl compiles fine with
-            0.8.x versions there are known runtime problems with SSLeay 0.8.x.
-            Especially when transferring large files SSLeay 0.8.x fails
-            horrible. So, in your own interest: Use SSLeay 0.9.x, please!
-            BTW, TLS v1 support is also available with SSLeay 0.9.x only.
-
-  4. Now apply the mod_ssl source extension and source patches to the Apache
+  (the syntax is for a Bourne-Shell style shell, when you're using a C-Shell
+  style shell you've to adjust the commands according to your shell's manual)
+
+  1. Make sure GZip and Perl are already installed and available through the
+     commands `gzip' and `perl'. They are needed for unpacking the tarballs
+     and for configuring OpenSSL. When you've these packages still not
+     installed, do this first.
+
+  2. Extract the required packages:
+
+     $ gzip -d -c apache_1.3.x.tar.gz | tar xvf -                          ALL
+     $ gzip -d -c mod_ssl-2.4.x-1.3.x.tar.gz | tar xvf -                   ALL
+     $ gzip -d -c openssl-0.9.x.tar.gz | tar xvf -                         ALL
+     $ gzip -d -c mm-1.0.x.tar.gz | tar xvf -                         OPTIONAL
+     $ mkdir rsaref-2.0                                                     US
+     $ (cd rsaref-2.0; gzip -d -c ../rsaref20.tar.Z | tar xvf -)            US
+
+  3. Configure and build the OpenSSL library: 
+     (When you're an US-citizen you have to build OpenSSL in conjunction with
+     the RSAref library. Others can ignore the first six commands, of course)
+
+     $ cd rsaref-2.0
+     $ cp -rp install/unix local                                            US
+     $ cd local                                                             US
+     $ make                                                                 US
+     $ mv rsaref.a librsaref.a                                              US
+     $ cd ../..                                                             US
+
+     NOTE: RSAref has some portability problems and nasty restrictions.
+           Especially it assumes that an `unsigned long int' represents a four
+           byte word. One result of this bad assumption is that it fails under
+           run-time (not compile-time) on platforms/CPUs, like Alphas, where
+           larger integer sizes are used by the compiler. For instance when
+           mod_ssl's `make certificate' command hangs, you get memory faults
+           or Apache hangs when connecting to it through HTTPS, this all
+           indicates that you ran into this portability problem.  
+
+           The solution is to replace the `typedef unsigned long int UINT4' in
+           rsaref-2.0/source/global.h, line 26. The best is to use `typedef
+           u_int32_t UINT4' when `u_int32_t' is defined by your vendor include
+           files. If not try to use a standard type which is four bytes in
+           length on your platform, e.g. on Alphas `typedef unsigned int
+           UINT4' works.
+
+           Additionally with RSAref not all RSA functionality in OpenSSL will
+           be available. It'll still work for the requirements of mod_ssl, but
+           for instance the RSA OEAP functionality isn't supported by RSAref.
+
+     $ cd openssl-0.9.x                                                    ALL
+     $ sh config \                                                         ALL
+            no-idea \                                                       EU
+            -L`pwd`/../rsaref-2.0/local/ rsaref \                           US
+            -fPIC                                                     OPTIONAL
+     $ make                                                                ALL
+     $ make test                                                      OPTIONAL
+     $ cd ..                                                               ALL
+
+     NOTE: OpenSSL understands a lot more options on the `config'
+           command line. For instance you can add some command line options
+           (like `-DSSL_FORBID_ENULL' for not allowing Null encryptions, etc)
+           to adjust the OpenSSL internals (see OpenSSL's top-level Makefile
+           for details).
+
+     NOTE: When your system already has OpenSSL installed (for instance some
+           Linux distributions ship with OpenSSL installed out-of-the-box) in
+           system locations you can ignore the OpenSSL steps above, too.  Then
+           use `SSL_BASE=SYSTEM' instead of `SSL_BASE=../openssl-0.9.x' below
+           and mod_ssl will search for OpenSSL's binary, header and library
+           files in $PATH and system locations.
+
+     NOTE: When your system already has RSAref installed in system locations
+           you can ignore the RSAref-related steps above and then use
+           `RSAREF_BASE=SYSTEM' instead of `RSAREF_BASE=../rsaref-2.0/local/'
+           below.
+
+     NOTE: The -fPIC option builds OpenSSL with Position Independent Code
+           (PIC) which is only important when building mod_ssl as a
+           Dynamic Shared Object (DSO). Please notice, that you really
+           have to use -fPIC and not -fpic, as the latter will usually
+           cause the build to fail. See below for more details.
+
+  4. Optionally you now can build the MM Shared Memory library when you want
+     shared memory support in Apache/EAPI. For instance this allows mod_ssl to
+     use a high-performance RAM-based session cache instead of a disk-based
+     one.
+
+     $ cd mm-1.0.x                                                    OPTIONAL
+     $ ./configure --disable-shared                                   OPTIONAL
+     $ make                                                           OPTIONAL
+     $ cd ..                                                          OPTIONAL
+
+     NOTE: When your system already has MM installed in system locations
+           you can ignore the steps above and then use `EAPI_MM=SYSTEM'
+           instead of `EAPI_MM=../mm-1.0.x' below.
+
+     NOTE: Do not forget the --disable-shared option above. Else you've
+           to establish an explicit LD_LIBRARY_PATH which includes the
+           /path/to/mm-1.0.x/.libs/ directory or the compilation of Apache
+           will fail because the shared library cannot be found.
+
+  5. Now apply the mod_ssl source extension and source patches to the Apache
      source tree, configure the Apache sources and build Apache with mod_ssl
-     and SSLeay. 
+     and OpenSSL. 
      
-     Actually here you have three options :
+     Actually here you have three options: 
      (dependent on your situation and personal skill ;-)
 
      a) The All-In-One mod_ssl+APACI way [FOR JOE AVERAGE]:
@@ -197,43 +232,47 @@
         RSA_BASE variables but get no intermediate chance to add more
         third-party Apache modules (e.g. mod_perl, PHP3, etc).
 
-        $ cd mod_ssl-2.2.x-1.3.x                                           ALL
+        $ cd mod_ssl-2.4.x-1.3.x                                           ALL
         $ ./configure \                                                    ALL
               --with-apache=../apache_1.3.x \                              ALL
-              --with-ssleay=../SSLeay-0.9.x \                              ALL
-              --with-rsaref=../rsaref-2.0/local \                           US
+              --with-ssl=../openssl-0.9.x \                                ALL
+              --with-rsa=../rsaref-2.0/local \                              US
+              --with-mm=../mm-1.0.x \                                 OPTIONAL
               --with-crt=/path/to/your/server.crt \                   OPTIONAL
               --with-key=/path/to/your/server.key \                   OPTIONAL
               --prefix=/path/to/apache \                                   ALL
              [--enable-shared=ssl] \                                  OPTIONAL
              [--disable-rule=SSL_COMPAT] \                            OPTIONAL
              [--enable-rule=SSL_SDBM] \                               OPTIONAL
+             [--enable-rule=SSL_EXPERIMENTAL] \                       OPTIONAL
+             [--enable-rule=SSL_VENDOR] \                             OPTIONAL
              [...more APACI options...]                               OPTIONAL
         $ cd ..                                                            ALL
         $ cd apache_1.3.x                                                  ALL
         $ make                                                             ALL
         $ make certificate                                            OPTIONAL
         $ make install                                                     ALL
-        $ cd ..
+        $ cd ..                                                            ALL
 
         NOTE: The --enable-shared=ssl option enables the building of mod_ssl
               as a DSO `libssl.so'. Read the INSTALL and
               htdocs/manual/dso.html documents in the Apache source tree for
-              more information about DSO support in Apache. I strongly advise
+              more information about DSO support in Apache. We strongly advise
               ISPs and package maintainers to use the DSO facility for maximum
               flexibility with mod_ssl.  But notice that DSO is not supported
               by Apache on all platforms.
 
-              Additionally SSLeay has problems under DSO situations on some
+              Additionally OpenSSL has problems under DSO situations on some
               platforms. For instance under smart ix86 platforms like Linux
-              and FreeBSD when you compile a the standard SSLeay
+              and FreeBSD when you compile a the standard OpenSSL
               libcrypto.a/libssl.a libraries and link those to a mod_ssl DSO
               libssl.so all works fine.  While on other platforms like Solaris
-              2.6 on a SPARC SSLeay's code will dump core under run-time. When
-              this is the case for you, then try to recompile SSLeay with
-              Position Independent Code (PIC) by adding a `-fPIC' (for GCC) or
-              `-KPIC' (for SVR4-style compilers) to the platform configuration
-              line in SSLeay's `Configure' script.
+              2.6 on a SPARC OpenSSL's code will dump core under run-time.
+              When this is the case for you, then try to recompile OpenSSL
+              with Position Independent Code (PIC) by adding a `-fPIC' (for
+              GCC) or `-KPIC' (for SVR4-style compilers) to the platform
+              configuration line in OpenSSL's `Configure' script.  The the
+              -fPIC option above when you build OpenSSL.
 
         NOTE: The --disable-rule=SSL_COMPAT option disables the building of
               SSL compatibility code for older mod_ssl versions and other
@@ -246,6 +285,11 @@
               (for SSL sessions to be cacheable the DBM library should allow
               more than 1KB of data to be stored under a particular key).
 
+        NOTE: The --enable-rule=SSL_EXPERIMENTAL and --enable-rule=SSL_VENDOR
+              options enable various experimental and vendor extension code.
+              Please read the src/Configuration.tmpl file inside the Apache
+              source tree for more details.
+
         NOTE: You either use `--with-crt'/`--with-key' or `make certificate'
               above - but never both. The `--with-crt'/`--with-key' options is
               used only when you already have a real server certificate and
@@ -257,11 +301,11 @@
 
         You configure Apache manually and have the chance to configure and add
         third-party Apache modules like mod_perl, mod_php, mod_frontpage,
-        mod_dav, etc. But you have to provide the SSL_BASE and RSA_BASE
-        variables manually and either copy your existing certificate manually
-        to conf/ssl.crt/server.crt or use `make certificate':
+        mod_dav, etc. But you have to provide the SSL_BASE, RSA_BASE and
+        EAPI_MM variables manually and either copy your existing certificate
+        manually to conf/ssl.crt/server.crt or use `make certificate':
 
-        $ cd mod_ssl-2.2.x-1.3.x                                           ALL
+        $ cd mod_ssl-2.4.x-1.3.x                                           ALL
         $ ./configure \                                                    ALL
               --with-apache=../apache_1.3.x \                              ALL
               --with-crt=/path/to/your/server.crt \                   OPTIONAL
@@ -271,27 +315,43 @@
         [...Now add more Apache modules to the Apache source tree...] OPTIONAL
 
         $ cd apache_1.3.x                                                  ALL
-        $ SSL_BASE=../SSLeay-0.9.x \                                       ALL
+        $ SSL_BASE=../openssl-0.9.x \                                      ALL
           RSA_BASE=../rsaref-2.0/local \                                    US
+          EAPI_MM=../mm-1.0.x \                                       OPTIONAL
           ./configure \                                                    ALL
               --enable-module=ssl \                                        ALL
               --prefix=/path/to/apache \                                   ALL
              [--enable-shared=ssl] \                                  OPTIONAL
              [--disable-rule=SSL_COMPAT] \                            OPTIONAL
              [--enable-rule=SSL_SDBM] \                               OPTIONAL
+             [--enable-rule=SSL_EXPERIMENTAL] \                       OPTIONAL
+             [--enable-rule=SSL_VENDOR] \                             OPTIONAL
              [...more APACI options...]                               OPTIONAL
         $ make                                                             ALL
         $ make certificate                                            OPTIONAL
         $ make install                                                OPTIONAL
+        $ cd ..                                                            ALL
 
         NOTE: The optional --enable-shared=ssl option enables the building
               of mod_ssl as a DSO `libssl.so'. Read the INSTALL and
               htdocs/manual/dso.html documents in the Apache source tree for
-              more information about DSO support in Apache. I strongly advise
+              more information about DSO support in Apache. We strongly advise
               ISPs and package maintainers to use the DSO facility for maximum
               flexibility with mod_ssl.  But notice that DSO is not supported
               by Apache on all platforms.
 
+              Additionally OpenSSL has problems under DSO situations on some
+              platforms. For instance under smart ix86 platforms like Linux
+              and FreeBSD when you compile a the standard OpenSSL
+              libcrypto.a/libssl.a libraries and link those to a mod_ssl DSO
+              libssl.so all works fine.  While on other platforms like Solaris
+              2.6 on a SPARC OpenSSL's code will dump core under run-time.
+              When this is the case for you, then try to recompile OpenSSL
+              with Position Independent Code (PIC) by adding a `-fPIC' (for
+              GCC) or `-KPIC' (for SVR4-style compilers) to the platform
+              configuration line in OpenSSL's `Configure' script.  The the
+              -fPIC option above when you build OpenSSL.
+
         NOTE: The --disable-rule=SSL_COMPAT option disables the building of
               SSL compatibility code for older mod_ssl versions and other
               Apache SSL solutions like Apache-SSL, Sioux, Stronghold, etc.
@@ -303,6 +363,11 @@
               (for SSL sessions to be cacheable the DBM library should allow
               more than 1KB of data to be stored under a particular key).
 
+        NOTE: The --enable-rule=SSL_EXPERIMENTAL and --enable-rule=SSL_VENDOR
+              options enable various experimental and vendor extension code.
+              Please read the src/Configuration.tmpl file inside the Apache
+              source tree for more details.
+
      c) The poor mans way known from Apache 1.2 [FOR COMPATIBILITY]:
 
         You configure Apache manually by editing the src/Configuration file
@@ -310,11 +375,11 @@
         that this directly follows the steps you might be familiar with from
         Apache 1.2 and additionally you also have a chance to add more
         third-party Apache modules like mod_perl or mod_php because anything
-        is done manually. But you have to edit the SSL_BASE and RSA_BASE
-        variables manually and more important: you have to install the Apache
-        package manually, too. But feel free to be masochistic ;-)
+        is done manually. But you have to edit the SSL_BASE, RSA_BASE and
+        EAPI_MM variables manually and more important: you have to install the
+        Apache package manually, too. But feel free to be masochistic ;-)
 
-        $ cd mod_ssl-2.2.x-1.3.x                                           ALL
+        $ cd mod_ssl-2.4.x-1.3.x                                           ALL
         $ ./configure \                                                    ALL
               --with-apache=../apache_1.3.x \                              ALL
               --with-crt=/path/to/your/server.crt \                   OPTIONAL
@@ -328,29 +393,25 @@
         $ vi Configuration                                                 ALL
         [...edit the SSL_BASE variable...]                                 ALL
         [...edit the RSA_BASE variable...]                                  US
+        [...edit the EAPI_MM variable...]                                   US
         [...edit the `AddModule' line of libssl.a...]                      ALL
         $ ./Configure                                                      ALL
         $ make                                                             ALL
         $ make certificate                                            OPTIONAL
 
-        Up to this point it can be acceptable. But now the friendly world
-        stops. The remaining installation steps have to be done manually by
-        coping the various files to /path/to/apache, including your
+        Up to this point it can be acceptable, yeah? But now the friendly
+        world stops. The remaining installation steps have to be done manually
+        by coping the various files to /path/to/apache, including your
         certificate, etc. That's the price for staying with the good old
         days...
 
-  5. Try out Apache without SSL (only HTTP possible):
+  6. Try out Apache without SSL (only HTTP protocol possible):
 
      $ /path/to/apache/sbin/apachectl start                                ALL
      $ netscape http://<local-host-name>/                                  ALL
      $ /path/to/apache/sbin/apachectl stop                                 ALL
 
-     NOTE: Replace the `<local-host-name>' with the official name of your
-           host. Do not enter `localhost' here, because this name has to match
-           the Common Name (CN) of the Subject's Distinguished Name (DN)
-           inside your server certificate.
-
-  6. Try out Apache with SSL (HTTP and HTTPS possible):
+  7. Try out Apache with SSL (both HTTP and HTTPS protocol possible):
 
      $ /path/to/apache/sbin/apachectl startssl                             ALL
      $ netscape http://<local-host-name>/                                  ALL
@@ -367,24 +428,32 @@
            before you ask someone other for help. In the error logfile there
            should be a hint where to find the reason for the failure.
 
-  7. Finally you're advised to do the following:
+     NOTE: When you *re*install Apache many times, make sure you restart your
+           browsers between the tests if you created test or custom
+           certificates.  Else connections might fail because the browser
+           cached the certificate details of the previous installation.
 
-     o Read the mod_ssl documentation very carefully to
+  8. Finally you're advised to do the following:
+
+     o Read the mod_ssl user manual very carefully to
        understand the SSL-part of your Apache configuration:
 
-       $ netscape http://www.engelschall.com/sw/mod_ssl/docs/2.2/   (official)
+       $ netscape http://www.modssl.org/docs/2.4/                 (official)
        $ netscape http://localhost/manual/mod/mod_ssl/            (local copy)
        
-     o Adjust your Apache configuration to your personal requirements:
+     o Adjust your Apache configuration to your personal requirements.
+       The configuration is already pre-configured for SSL, but usually it has
+       to be tweaked a little bit more to fit the local situation. When you
+       had already a httpd.conf file, this one is preserved. Then look inside
+       /path/to/apache/etc/httpd.conf.default for the pre-configured SSL
+       configuration and take it over manually into httpd.conf.
 
        $ vi /path/to/apache/etc/httpd.conf
 
-     o Subscribe to the sw-mod-ssl support mailing list:
+     o Subscribe to the modssl-users@modssl.org support mailing list
+       with the provided web interface:
        
-       $ netscape http://www.engelschall.com/sw/mod_ssl/news/list.html
-       $ echo "subscribe sw-mod-ssl <addr>" | mutt -s '' majordomo@engelschall.com
-
-       NOTE: Replace `<addr>' with your official Email address!!
+       $ netscape http://www.modssl.org/news/list.html
 
   8. Bask in the glow ;-)
 
@@ -393,17 +462,17 @@
 
   Once you've built and installed Apache with mod_ssl as a DSO (libssl.so) you
   can easily upgrade this libssl.so file with a stand-alone built procedure as
-  long as the Extended API (EAPI) didn't change and you've SSLeay installed
+  long as the Extended API (EAPI) didn't change and you've OpenSSL installed
   somewhere. For this you can use the following procedure:
 
-    $ cd mod_ssl-2.2.x-1.3.x                                           ALL
-    $ ./configure \                                                    ALL
-          --with-apxs[=/path/to/apache/sbin/apxs] \                    ALL
-          --with-ssleay=/path/to/ssleay \                              ALL
-          --with-rsaref=/path/to/rsaref                                 US
-    $ make                                                             ALL
-    $ make install                                                     ALL
-    $ make distclean                                                   ALL
+    $ cd mod_ssl-2.4.x-1.3.x                                               ALL
+    $ ./configure \                                                        ALL
+          --with-apxs[=/path/to/apache/sbin/apxs] \                        ALL
+          --with-ssl=/path/to/openssl \                                    ALL
+          --with-rsa=/path/to/rsaref                                        US
+    $ make                                                                 ALL
+    $ make install                                                         ALL
+    $ make distclean                                                       ALL
 
   This will build mod_ssl locally inside the pkg.modssl/ directory and then
   upgrades your existing libssl.so file. This approach is also interesting for
@@ -422,25 +491,25 @@
   to adjust the steps with the help of the above detailed instructions, of
   course.
   
-  o Apache + mod_ssl/SSLeay + mod_perl/Perl
+  o Apache + mod_ssl/OpenSSL + mod_perl/Perl
     ---------------------------------------
 
     Prerequisites:
 
     o Apache should be installed to /path/to/apache
     o Perl is installed and `perl' is in $PATH
-    o SSLeay is installed under /path/to/ssleay
+    o OpenSSL is installed under /path/to/openssl
     o RSAref is not used in this example
 
     Steps:
 
     #   extract the packages
     $ gzip -d -c apache_1.3.x.tar.gz | tar xvf -
-    $ gzip -d -c mod_ssl-2.2.x-1.3.x.tar.gz | tar xvf -
+    $ gzip -d -c mod_ssl-2.4.x-1.3.x.tar.gz | tar xvf -
     $ gzip -d -c mod_perl-1.xx.tar.gz | tar xvf -
 
     #   apply mod_ssl to Apache source tree
-    $ cd mod_ssl-2.2.x-1.3.x
+    $ cd mod_ssl-2.4.x-1.3.x
     $ ./configure \
           --with-apache=../apache_1.3.x
     $ cd ..
@@ -460,7 +529,7 @@
 
     #   build/install Apache with mod_ssl and mod_perl
     $ cd apache_1.3.x
-    $ SSL_BASE=/path/to/ssleay 
+    $ SSL_BASE=/path/to/openssl 
       ./configure \
           --prefix=/path/to/apache \
           --enable-module=ssl \
@@ -473,17 +542,17 @@
 
     #   cleanup after work
     $ rm -rf mod_perl-1.xx
-    $ rm -rf mod_ssl-2.2.x-1.3.x
+    $ rm -rf mod_ssl-2.4.x-1.3.x
     $ rm -rf apache_1.3.x
 
-  o Apache + mod_ssl/SSLeay + PHP3/MySQL
-    ------------------------------------
+  o Apache + mod_ssl/OpenSSL + PHP3/MySQL
+    -------------------------------------
 
     Prerequisites:
 
     o Apache should be installed to /path/to/apache
     o MySQL is installed under /path/to/mysql
-    o SSLeay is installed under /path/to/ssleay
+    o OpenSSL is installed under /path/to/openssl
     o RSAref have not to be used
     o GNU Make is available as `gmake' in $PATH
    
@@ -491,11 +560,11 @@
 
     #   extract the packages
     $ gzip -d -c apache_1.3.x.tar.gz | tar xvf -
-    $ gzip -d -c mod_ssl-2.2.x-1.3.x.tar.gz | tar xvf -
+    $ gzip -d -c mod_ssl-2.4.x-1.3.x.tar.gz | tar xvf -
     $ gzip -d -c php-3.0.x.tar.gz | tar xvf -
 
     #   apply mod_ssl to Apache source tree
-    $ cd /mod_ssl-2.2.x-1.3.x
+    $ cd /mod_ssl-2.4.x-1.3.x
     $ ./configure \
           --with-apache=../apache_1.3.x
     $ cd ..
@@ -508,7 +577,7 @@
     
     #   configure PHP3 and apply it to the Apache source tree
     $ cd ../php-3.0.x
-    $ CFLAGS='-O2 -I/path/to/ssleay/include' \
+    $ CFLAGS='-O2 -I/path/to/openssl/include' \
       ./configure \
           --with-apache=../apache_1.3.x \
           --with-mysql=/path/to/mysql \
@@ -520,7 +589,7 @@
     
     #   build/install Apache with mod_ssl and PHP3
     $ cd apache_1.3.x
-    $ SSL_BASE=/path/to/ssleay \
+    $ SSL_BASE=/path/to/openssl \
       ./configure \
           --prefix=/path/to/apache \
           --enable-module=ssl \
@@ -533,6 +602,6 @@
     
     #   cleanup after work
     $ rm -rf php-3.0.x
-    $ rm -rf mod_ssl-2.2.x-1.3.x
+    $ rm -rf mod_ssl-2.4.x-1.3.x
     $ rm -rf apache_1.3.x
 
diff --git a/usr.sbin/httpd/KEYS b/usr.sbin/httpd/KEYS
index 3a51c83f751..38f901631e7 100644
--- a/usr.sbin/httpd/KEYS
+++ b/usr.sbin/httpd/KEYS
@@ -84,6 +84,41 @@ C+MrKDeSk2WAicg6Uo0FWCsEHxrssw139A==
 =pwim
 -----END PGP PUBLIC KEY BLOCK-----
 
+Type Bits KeyID      Created    Expires    Algorithm       Use
+sec  1024 0x08C975E5 1999-04-14 ---------- DSS             Sign & Encrypt
+sub  2048 0x4CCDB430 1999-04-14 ---------- Diffie-Hellman
+uid  Jim Jagielski <jim@apache.org>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: PGPfreeware 5.5.3i
+
+mQGiBDcUl9QRBADl5tF8kOD0uddlnl9qsaG70/hwujGTsSXATnqoLseTsWORoVXf
+oBklokEAGmT2+Cl8XIXZ31Wh+GaJ3CTbEv8Ok1vapOt+ltPgOKzZEB4uP25EbhC2
+LWf+lUoafcd2Xi0KBV4fqXqEEuDGP1TAdZ6k7NVqgpjvbJ5TdqL0LrWOOwCg/0b4
++/p/avQr+uZRU2rdmYu/b/0D/2LnjcEqUjsslh2e9m0OgAu+gnYAmQH6Dbnp+iKl
+jffWPChwIMFZd/7FnGOzYDzoqnzTFyA4VE5PHWL61V2lpHJWB21K9D6rbEcx0iYB
+AHHxZQEmxSBU6PmGnbF+2P7vC0Jz9gZ5dCbjtGboYxd00/XQlZwCs8jHueTpSfx9
+n7dYBACFpW+v2pSlG0ReiS6Ult3gaGWiw81D0nFVvCp5BlxgQDymyF1MS6FbCj/g
+FGILosMhlsIHTFaC0DD0LSXyN1rm0ykPvi+vULIlKNJwW7fCi+33j1Azx+zfMNeO
+T5vqAfF6cvsZ6qPb9CcYvU4jEKvkovA1U3jMFehqcGkTV5sfvbQeSmltIEphZ2ll
+bHNraSA8amltQGFwYWNoZS5vcmc+iQBLBBARAgALBQI3FJfUBAsDAgEACgkQizpg
+HwjJdeU/8ACg3mtYerA7QN/8Okp2IgGr+ge4yKgAn09RX5UR8DyZ1/Q8OFasE6T6
+Tg2UuQINBDcUl9UQCAD2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoBp1aj
+FOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3bzpnhV5JZ
+zf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa8L9GAFgr5fSI
+/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsYjY67VYy4XTjT
+NP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AK
+UJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAICCACEhzcRGEc3y3/4YNaG
+89FmtIRpFU5zoaZxxDrmUiS1HdhqFykv8ozaTyjfImCuhq8i6DG15oGudxPma7Ey
+sCcA/qmQEBVrXFK2DYTFW3UnPyqiE822plo0d45u1csKzPvGpHYVGC4HOEKCghRy
+/54nH0fsKV3VSlIXAhRG3LIstzAtslrSYELW1Lov53GK+YZpRDJTbLAxjIYB8kEY
+hiQYzHm/cbBeRpjG9BpoBQh54dNOj22CU8HC4KvZSnDcLAzmDyrQFXFfffvJtQ7+
+HH2iIWKMFOjpRHh2ZK6uhJb03Yo/v+admKs1HSEFdV5VJUCkqymhKT0OiWnXmNHq
+QUfliQBGBBgRAgAGBQI3FJfVAAoJEIs6YB8IyXXlME4AniogMeV3YLNf6C1Y2+k8
+F3rt0S/OAKDHF+wfxLDzCxsoQbwesIUAKgb7Hg==
+=mrXV
+-----END PGP PUBLIC KEY BLOCK-----
+
 Type Bits/KeyID    Date       User ID
 pub  2048/DD919C31 1996/12/24 sameer@c2.net
 
@@ -240,16 +275,28 @@ B7zJElmBUrmj9aW6ICmSNbOBwVo1Y7hg6lPSFFMOOECFpT1WuTXXYpNA
 
 
 Type bits/keyID    Date       User ID
-pub   768/8F394E3D 1995/08/08 Martin Kraemer <Martin.Kraemer@Mch.SNI.De>
-
+pub  1024/EE65E321 1998/10/22 Martin Kraemer <martin@apache.org>
+sig       BB1D9F6D             ct magazine CERTIFICATE <pgpCA@ct.heise.de>
+sig       E2449019             Martin Kraemer <Martin.Kraemer@Mch.SNI.De>
+sig       EE65E321             Martin Kraemer <martin@apache.org>
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: 2.6
+Version: 2.6.2
 
-mQBtAzAnjA8AAAEDAKlpkRzZ7c4yDdVnW9fMHMXrMJ8gQ+UIzr1xt2+y7Sv71Nv9
-GfUuTeCWdOoynFUXvvBjyCuEIZ426s9UfrnWv94VppoS8sjFgLYkRIAhZiDMHYp0
-j8i1/f82KtdYjzlOPQAFEbQqTWFydGluIEtyYWVtZXIgPE1hcnRpbi5LcmFlbWVy
-QE1jaC5TTkkuRGU+
-=hcsR
+mQCNAzYvawcAAAEEAO/lLOQVYsUS+l7yan+Rzr0ehfWRqlgeNsV4DQ0xTuQewD9K
+5lm7ujRwutxlNaf5dXjE24mlsiRN8KDp+fKwm7Wtqv490xmhzS/6y8ekwB02P4fi
+/JJNX1PbLS0cL6+bz2dFqLDhh03Ovz3G16Y9he5mrJ2PNOWa9Dfj9F/uZeMhAAUR
+tCJNYXJ0aW4gS3JhZW1lciA8bWFydGluQGFwYWNoZS5vcmc+iQCVAwUQNkcAbUS4
+3da7HZ9tAQFUnAP+PrKa3YFKp9XTrANmORex4kOyNpM1adS8zM6bTcHyIkH4WitB
+b2nRbqOdOuSwbh655aSStluIxY66CValeL+6E7MCEqQ/UlzzMVmdbMyWSYwDlkV3
+gQkg3vE6bgFlWlLLr2HnkllY3ISEChDWh8x7fRKLy+8ZBGW89ZXOGkhIb9mJAJUD
+BRA2L2ueKwLDReJEkBkBAbeGBACKM1FCmQC583/IHyw7rDlvnsZKeKvdbbLGSnmJ
+NWOyf4VgkC8OCKmwPnWLOOIK44/JsT2Yonih2r+04FBqYo6SsMgBqOBJqKktHvtx
+bD3VfUUkkV8kZ4ituecWTx0zj1Oa0QiCiv8HHvdsmQB0mj07mWQz1CamXPSwHYn+
+t+fJOIkAlQMFEDYva2c34/Rf7mXjIQEBcNQEAOrt4+o2LwcCiJp3bOF9WZMirpMQ
+QJISqXBnom3r2eB+k1a/Jig1sePSzPxneW9EgWIrWg0EfK+u2kMgvTJynDUux9zL
+4qnECmZT+ESEm+P8rPKeecOfUHgDjQlTUCneOX5p0TbdvJm+TcJVjXjoVrYv6hZg
+InYw+jlvF5e/sdI8
+=03LU
 -----END PGP PUBLIC KEY BLOCK-----
 
 
@@ -339,133 +386,242 @@ ThQ1KefmJKyzfcosZQ==
 
 
 Type Bits/KeyID    Date       User ID
-pub   999/F88341D9 1994/11/08 Lars Eilebrecht <sfx@unix-ag.org>
+pub   999/F88341D9 1994/11/08 Lars Eilebrecht <lars@hyperreal.org>
+                              Lars Eilebrecht <sfx@unix-ag.org>
+                              Lars Eilebrecht <lars@apache.org>
                               Lars Eilebrecht <Lars.Eilebrecht@unix-ag.org>
-                              Lars `SFX' Eilebrecht <SFX@unix-ag.uni-siegen.de>
-                              Lars `SFX' Eilebrecht <SFX@appl2.hrz.uni-siegen.de>
-                              Lars `SFX' Eilebrecht <SFX@appl1.hrz.uni-siegen.de>
 
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: 2.6.3a
+Version: 2.6.3ia
 
 mQCKAi6+wOsAAAED53PJgrIYS7iHbZn0ycrnzS03fwvwsDpoAVouoqqBSVNoVXH+
 lL+8HzX/fADvNyk1lYi5kTiYR2meKB1p0qpvj4bQ8ZEmcBemhV0FbESJ4CxIgy6V
-euxOD3v9gauyf1u4lkfyLIsCepuJqpkH+aOviE9VhTcE/D6Pt/L4g0HZAAURtCFM
-YXJzIEVpbGVicmVjaHQgPHNmeEB1bml4LWFnLm9yZz6JAJUDBRA2KRwZms08wKmf
-dd0BASoSA/9ZwyAWilXJNMWsV0KfyUeHZ7CsFA9/KQixLtpSH8ij4raLasr6rurc
-Sckrd+OiQKPQG0/TSXSAEP7suatV6XTTLEFHJbmqchTZXMSapwxFWGLxdG+buCiO
-uVxbpop4ZoKz2xb+GtdeyeDr+//gFL+wbEqlZMXfvwgzBCxcOM/tZYkAkgMFEDPN
-Dtg+j7fy+INB2QEBxpcD527wocmN2jHxCkmImID+YMVF8g1Rij3CEy+oLAZiiNWS
-Rxj2lWTHhsVZXtzF53+AD79rJqrFhZUCx+W6vG46uLMuu3/VpnEfq2QsD0d6zIUv
-SDFIxsy/s4knyvgfMeXczHmb7vjGbGsyP9mqjAyN7MUcqgBBANH4HX9CSRN8tC1M
-YXJzIEVpbGVicmVjaHQgPExhcnMuRWlsZWJyZWNodEB1bml4LWFnLm9yZz6JAJID
-BRAzzQwFPo+38viDQdkBAa31A+dPvsRw1zWvyMDp2aQwqIawIi2wiFl56lYfpkwW
-WjsdftuK0HHe+gek0aJ1vLwJFlrivroEukF1JaK3kS/ob2u/TNIZ4MKWjfhbkJW4
-0Y7gCKCUJPzh6hDw1nYfc4N9XKnwubiRVdW2ig1HVoKZUN9Ad034m30jMHEzqXbO
-4LQxTGFycyBgU0ZYJyBFaWxlYnJlY2h0IDxTRlhAdW5peC1hZy51bmktc2llZ2Vu
-LmRlPokAdQMFEDMR9XVLXCU0Hmjw3QEBftADALeK5boLfjNzxZ7g1VPHw6k6QwSU
-ESwiPJCmGTIT5f941YhHqohgwN5kGR9XDxWCCJAqQfFvbxhiZv0zu4HvQ7FYLVLO
-2zwZrVvOfR259jvGDFpPqRBq1ccxTNXuvf2a44kAlQIFEDD5Hn++gkWXZmzJrQEB
-WVYD/R4XFxImsJxzpaykt8Hl4kpQNWYWHd5ae81QFla/vfIplBqeVWr299pUbO1x
-Bt4EFPi5aya8CGwXs8uRsHKn3u711jfTri1mKpiMBWt149BsUk5lFCnE9gVo5UxY
-cpM2vb1I5DKeo/8/DuYz1FQhXwOxGqBqIr+ggQ1fN7Q0v5qziQEVAwUQMSxVdPCJ
-hGMAVxgRAQFafAf+OZxiZqpgeA3iMZzbOr17v4YjL/J4N3phrcy8ssh0rmTBbNHW
-OfRR0yzGlAXespCSLzBnSQMph2MXc3Al51LK4z487iAQxpu5k/ZKrg5ahZI7X5ok
-viTcRjmXkpbbXp+sMs6J3ZOOjxO1tWytSXW5/3lKwbjzaURlbUbBA9QQSGAYPnsw
-Z+CPKRNuUsk2EI3y4DWVjuabOcCeNy4TLfB9UIY81oXfXOyT+i2FwZ0f1befeZuu
-PICGQIxlEFi3Hd3hDEAgNJ8Hu9C6XACnYieT7dVYtlYH14UTk6/CLKkbWNhd/I5S
-QMPbijKK2zU5U3vPcolA1UalSBckftDQ2iTmmYkAlQMFEDD5QYseKXCPGoSZUQEB
-yFYD/jqPx2u8D1aQzKHvZqS9PUYSsPMTgn10FR/tp2c9Ch60f+BQ96fOUCzmRt94
-Iq1iMZsJ0oTyLLf6wf/Mdb1LhvsGf7rXFATh25OUpPx1qPUWstSToHSn0+Zf8e1B
-0p6PJ96duI6rimoc8NKppOwSmRvqAD3ATCKpMiOSwWe9+mBZiQBVAwUQMPl9Sgk0
-Yuy5gjk9AQEX2AIAlCphj4JI/yvodYIlpC2MPOs+hfTvaMPVhSCZZ0EVfZgTZpLQ
-XQDiUolYBvTHJnjBZyXZozln/df4MBHQgKWwmIkAVQIFEDD5RPk+NMzsOfhZGwEB
-5EoCAINMQWZZn+12r2nFScCScf5TaKpm+Y6MfEsvVg0trveEJ74ibbFDo8ABZ2g6
-FgzfDxAMbxNsUQaMrhh0TaSC9EyJAJUCBRAw+O6OHdm2eHD917EBAfj1A/4/cYEE
-a7jN8+ptmxZKsfZ0xOP2dxsPnicDT4VR16MHN6rkVrto782XSiRx3ZUsd9RjUmfH
-ZA3mHoJIGo6JRFVOeyjg3LEASSSfZr4YFkhutnf0lDlJOeEKhqvIw/dSO7MDwdLx
-hOqAFv9UzAlpOm4GLx9p1N61xDl1dIYEnY9cOIkAlQIFEDD5QnyFat0badac6QEB
-CCMEAKV60AedWZyXWokcwWIbW/PLgNTCh8JL1vijXGnBvT2PuA0L7/rCXPhbb20A
-rrq+P6xbGFxi42iWieeU2T5zN5IlPObT6cPeRWJkxPnaSf8ZD33Y1almcuhhYMUc
-7lkL7yqSo1J8TRVCSxjQ4W0+QDUFIEvrigb5Scd7zYHGOqoSiQBVAgUQMPjN2pva
-UYPwhBsRAQGNhQH/Z6IlBI4hdGb8teelMgY2kf3Iq08NByyygJAI48HqTe0cKIW6
-BPcBkJqMooJtRJTX6Rkt8fRKe/IPGeHGqyW3eIkA7gMFEDDhUR6K3WTWEs11KQEB
-TnkGwQEgJMk8SHR+2iBmOJQ2x+kv4LVmPp8hdaKCBdfvJDmrSpuEgrBWFI9PDpSw
-F7NWLPqESPnWo5dd8YeynzYz3aCiIXAOUB0rG8tujF1dSn/kFUCMqgqvbPOU3sSv
-6tVlECIAh67GTNHn61IIhLM0KG4v9elo0Lk/SpWwRRPJZW/ltQBApjtR+juFOiq6
-86+eE9kKBCImCIthBeE/cf6JfwuS4+1ui+MmkkqrnO8+07bdjbkWTSzTL3l12v/t
-M2p8Fwqps41y+3nIEOzq7Isf4zBjfw2ZKeXbEXq0M0xhcnMgYFNGWCcgRWlsZWJy
-ZWNodCA8U0ZYQGFwcGwyLmhyei51bmktc2llZ2VuLmRlPokAlQIFEDD5Hv6+gkWX
-ZmzJrQEBD9QD/iIIvOUqyKRBWjHgJD7zoskxDQH/YVhJu59zoCEOJGwXFPLlT3ce
-meMCaVLa5XvoDnLYWZ/bfI5nFd9vF9GwwbmP8/x39Z3N2xKfJpD8eH5inu5AwtIs
-kfXjmcZhSfDgv2XpAaFigz3wIBt+XbkPRxJJxfqD5oJ1ys0qNe0U6jjyiQEVAwUQ
-MSxVrvCJhGMAVxgRAQHLVgf/cW6FlzmOeIvJ/3yB7vhSOlpivnY00iKnzzCpWLOa
-saC4NPazhqNIewBa01KSuamIicYkzXk8MeaTq5EaQfJyA+NtdWSm/3/ivKWoO4Ka
-qJbVPnxaDnB2KBH+2mq0BJ4rS4i2jVZuopbtMAHV+lQUHaVH826YaFPa+425A/H+
-Oaqn2EdkL80fpIJsACsudYPDGCKS3zcMjspVK1cXqNRDzIOZ8I/XtyNEJpw1yRGf
-t4jrn4lj9jU4y0v6sFOt6jpuvAmyRN/pebwjYJw1Ye697MMkn0nEafH55Et+XfdB
-OYNm3Sb/J2g8j2JVVhN6JKuFYyM1kvK13Rky3SiLPUzD94kAlQIFEDD5QqqFat0b
-adac6QEB6HsD/RooPR6pFnSisCerTlPhSvDI2gl2HUMFw0CZJ5JKVlj5GFDZp5jl
-0yhgCFCweFuE7RUgMOkvGeEoEPZeyipacsrVIcO26aCQyerLTQd6JTgOuCEeEvkj
-BwiqOrVNSEPM5TWPzQc7Q7IDtKTsCT+xNGtO6Pi2+ArZaodZTtp4tXkCiQBVAgUQ
-MPjOC5vaUYPwhBsRAQHdVAH/eIgCk6fo3/Mvxu7IESdDLM/ozh14yvZz6FvC/VKt
-Sp51goqsV5jI9wKANIjonLeO7GJubjO+lqHvsEVsGQ+wpIkA7gMFEDDhUjOK3WTW
-Es11KQEBgTUGwQGH8Ic7zNaUlRmYm5J8R375iP8CrJ/xILbET69VsR2aDG2MA2z8
-NBBkV1ARrAC2YWa9sO91yCyf3NAI6I1oqtbv/09Im/s0bTu66dWrqRAiuTB3Ou+g
-HJ0fc85gTWcBd9/xS/mNlZb1/ZXjkBaYdl0Bzm72c3+HqZjHzT3nlxVY5HCi15J4
-iDgCuCPzeo1r8QgGmsbP7fD+0Hka7tlXb87WxPZt+nkjGS9xmLrNHw5/vJpcN4+f
-zevzhTQD8IcsUr0QcZUH9jZpm6xWpibPF5z7FzXTorguf+W0M0xhcnMgYFNGWCcg
-RWlsZWJyZWNodCA8U0ZYQGFwcGwxLmhyei51bmktc2llZ2VuLmRlPokAlQIFEDD5
-Htq+gkWXZmzJrQEBjswD/1Nwm7yoV6sj7qTiKaW9S3DQD3LKXtweiDdYF0lp961I
-WkuyBur4aYBNROQK82zFQqKNKfsm+FXu+N6AYQ2zEUJEUkT9RQgmsrfU1q067Zoo
-+dck5T2zuH+/kqmF9t28Gv4jjxVTit6C92NEhciutNO48kK32BT2mgX2w7tds6G4
-iQEVAwUQMSxVvPCJhGMAVxgRAQFUKgf/Y4Djeo18+ZAfr0BKl14P29dKK3p8OLcn
-qXh6juBfTRiWnFJtrQfGH9w3pQvpi2RRuDZTTQzhO4eOq2g5gy9MytU1htLRVpVw
-BnmmjLRWz0WGqr4y4ZULbg3ha5NsfBppdgHKk5Y+BptvIL/37ZBkztkiBXfs0Zbc
-3fZR4bSU1xDOE+HS0BofOxubqfZrCZvAjMCC5NJ4R13H8xnYg6NKQCAqOfeCOVWk
-Gnc/BK7VArMXjC8o/9nQDzY2fRPINPnCb4f/4PunwOrEza6zLxXfgNraQJ19boPb
-/o9DBlvNOWkq9gSmVnTEkqrEMtiXd31KAU/LVCRH/70mx7XZkF5/N4kAVQMFEDD5
-fY4JNGLsuYI5PQEBW0kB/0s9AqawHqJ/0rO9jsMhk3vuHNgwVF4DoKTL5EDIORET
-ccAf4UZVJo+JzmjYxc1f2RkwkMkk/N9afKZmcNSYzteJAFUCBRAw+UUZPjTM7Dn4
-WRsBAah7AgCIWR/HNt+V20bDueCO9mhwGirq5E7TJU+C9xT+3BeZXmyy/AR7tWJd
-KnC6laGDLnMko3CWr/XRKD+rC050nNsriQCVAgUQMPju3R3Ztnhw/dexAQF0awP/
-cXwIBaEAj4D/ShzMna3NQ/EM4aTniAHdVIH4d6Uh2RwDCoYt6HwEP11xfBwI6bDW
-lQhdUgDzGOXmOxKxv/Xti4viHOwO1KqjRtHOyDf4hI/ou2p0bntXMZ5yVv0WakyW
-7kYd7KxTbYd/CTKe8HB+8wkj8h1pb31JJoXzWsgmwXiJAJUCBRAw+ULYhWrdG2nW
-nOkBAQUwA/9AUqFQsXW9kMi5RooITiQbRynunPh2aqadVnuLZoAhxp16c+EQYpc4
-Qi6jLPBVemHdS4PW8vJegF1pJtDZ4VfLNwwkIxj7Y0hU8A4BcHUIfFdOER7SwbW/
-i7QTU8u3vNHfmgIodv19D7rFxEzqqPxMHRpIs8/IOG9L3zc3kV8rnYkAVQIFEDD4
-ziyb2lGD8IQbEQEBg6kCANj9mr20gcYRZ4eDfnuTSkSvtjvKox0EtM+UnAAgihxU
-q5vNCZDEeohZSZBR/p2pktcSu+cdk5bBFHtzkaNTt82JAFUCBRAv0u2cmTVOo2j9
-/00BAdubAgCcmQl3gvdeQuA2zSmqHNrCEXdmjIIltOWc8WFCPJjDt6c2cBdmuwoO
-YknWWGDMKXvTlh6lPgIVx3fhlhobxxFKiQCVAgUQL9M+R0axifvg3qptAQF7tAP7
-B78y93gaojDMC8NwfiNKh7l5cBh0ONA+W1g3O7YLE5W7Z/fOg4H3pOujnqU7H3Ns
-ChmDxtBKQIIiZXpnNg4Nt3F765t8EPrMmjjQJ4a6+8CHfmXmfNSWqPMdjgJW4ykM
-nUasGhgF1Z8flNNkfH5gfW9Gr8UcClgKqa5xvkhC5cyJAFUDBRAv0zvKQwZ3Rx/t
-AzsBAVs0Af91cEjH3oZPIaydSZxPUjF1SE3p93NnY6A3mKZR1vkewG6sRqVa4MO4
-lw8w8AU7ge2rvwupF3weF1Z9DG2bauGmiQCVAgUQL9M4SuXLhgyrRKDJAQH/vQQA
-jGM370MwcIfmtQ9e/0j0nztQwQ18dXMA+dMyNHiGrc+JC71u5zjxwmO7R1Vv7ZSA
-af9PslF/118wS6fFg9BP+LO5T4D44wMJTfiMMv30Q4Sfxn9DX9N3iYzL1PTHmlCO
-fCQQqvC451XbcXECqmqWHEqII8//4w/h9yrl/5F/uXmJAFUCBRAv0lcf/ZhK+bLW
-8KUBAc/rAf9rmJ56O40QVD803+bU1zSiSE1x+FURt+ceAsozqo9taFoRIGXTa8Mp
-swStyALnJKpyDkGEnTfRdARVQtcEzYJniQBVAgUQL9JDvxEZCRz6lM9/AQG2xwH+
-IQAJZEvldNHzeikez18Txy12EnJ9k+za2rjPVnlX7+teIY3VNO1homUgwqjoOHpZ
-kdGgdOdmufOglT3Rqrk5FYkAlQIFEC/Rt+1JSaYsE52Q4QEBzUYEAMonc3UFNjGo
-n8F/omc0PPA3rfH2IS6G31FN6fRarW1Pwk7CWlx3wgHm6gO9xfV5lDjBJ+lVmbmL
-z/1MZhg646eFRbugtBYbOXwE6zmNrKBhchVueVONzwWPIA8BZtR2Lw6CikAOhKgl
-4ndg8PO8UUg8gh0VUKGTPDK0MKR7ZCpGiQBVAgUQL9IXPnmMGAx7t12JAQGpIAH/
-Zrl16ULw3/gl7T11EbnbA9T3LjXuD4TG3IGeEV3z1wbRp227yN12a3PbavEKJj1m
-fWrZaT89Xt1smYBaIwX4aokAlQIFEC8YGepIX6svI9kr4wEBnO0D/1R4HlUM43CU
-jxdinzcijOJxRNe7ieXpp7xNn9SuJotDVeCLDRFSpmF2EFb0KDyoX2bY18xPT9sW
-tIMYv4XigSBwfuR+Sp+J1CLdP+zzmIZbZBc+3G5xM6nipvaKl1DkhSlLqedW4dmg
-1rKgCOXYKHdzHUcaneNE4rkoWlVwG5rhiQCVAgUQLs1+vx4pcI8ahJlRAQHwXAP8
-CKLDWFLJ7Fc3JZ0MnuPxW79M9nRQwL2TI/Vd4lCUSiDOUdEvjU45MLmLgU+4OZNP
-eXaBSLkN4z8PUkxGEEvSeCFE7u04VNq1GJ2aC+fHVFzuWbp0LsezqDSnm6xvBxz4
-0yEaZnkXu3+66kXZV/E4BNIkCaB5V2qXxrBIg0D10iCJAJQCBRAux7auD0cvWzTX
-TcEBATNVA/jU+bTUqnlZdrf6KgCv+hDOs6VO538cExQNsBl7x82Djbp8Q5t21YEV
-8LiFN1imuLYqHXqDEHt7qtroNaBYXgnR24QjI3urel+kYMibZWxGrq382C2apRea
-EDmQ1qtEzP+kXexaawAzKMo8VKWMnXjQYBLZohuUqfciE9A7OQF1iQBFAgUQLr7F
-rZXTi1FmcalVAQFOLQF/WCuTfcsEc7z1WK5BMQltCgnNvuz0himNP2FxPl4g5rq3
-u8i03dqPbuVwfrxSzy+m
-=tg0D
+euxOD3v9gauyf1u4lkfyLIsCepuJqpkH+aOviE9VhTcE/D6Pt/L4g0HZAAURtCRM
+YXJzIEVpbGVicmVjaHQgPGxhcnNAaHlwZXJyZWFsLm9yZz6JAJUDBRA3pN73pBlG
+R0SoBbUBAahrA/9/Pyd+R/2vz0is/Tuu6aniMYb5O09OWypVtJ+1QB0Hr2pTB7MR
+Spb8ljpMTT+Mv+hE9RZm0lxwW6OgYbosrDCwpw39Tfs89UjFJMmCj+UyThmpt52k
+g3MkcRD7C7J0w+RVV+EPs67vLya3wKRRXKa5i3I1RlznleiJwxxGAgaxOokAlAMF
+EzeoM6P9LZCSqJB7JQEB9XYD9R+ZzFmtJuclCbKR7zZcB/5lqpbmuDRMStAaBIq7
+KZ019tbuyj8RGdc04UFBAVL31pwHl2hrBTsCw0ZsVudvRg1ufn9KwNQnmO4j9fbE
+fYJ1gNDgTaf0zMZ5KdKAhNtw0Wx8tAntvqjcxM//h4lSMn8HWiYlRqNFSxRT0nGT
+CxqJAJMDBRA3peHbT37mpPWwmrUBAXpIA+kBT2YJm3tep61cxMn64OlY+i/OOt05
+Of+fcJwPwD4q0hxXCeWMYSueDvavvJG4+42T1O8xLPCeR6cqe8PBtXlRbyY4b6cI
+mFRuOsFlqEtpXNmJ9AY2KIU8bhZBuzckS6oXGxbM40PiXsIwREib3J5OY6G4YG23
+8LpTheINpKmJAJUDBRA3nOBupMNFzIvCD00BAXGEA/98Rkn6Ncn9BgFUJlLskcsw
+Bn45IJhIJtLYIqyjSWZY9iGPU41txPPcqi2k2atn03ThUufQc4V1R6pnLZwijeoA
+pd3AuXv7o0wRj/zi9lrhpQpE5L/9YzJ+uGkHTMjMBSks74IR87QVebdMxSvFYBPK
+QbwAVohgOBdZyNYyiCn3SokBFQMFEDecWF2urbkCPI45bQEBc40IAJ7NUAL5a5Bh
+qUDf60pLZlYonowEbAnnkT+0pnp70JD1w4+bi1dSa/iboU4Kedf9tqGnPlC6LhN+
+uPWSyJcZ4AxkyhBPoezUdpKDYxezLbSlnsWPpjSHo2iYani7uSDFjppTq5vmmkPW
+lW2NuI9DvXtDS6UnHJa31CqvVl60vmuyQyceI75UK/Qe4kZRgfFQsLrCWpiw6fLu
+KB9NWm5wVt09ZN4U3Zo7eSNVZfSSqzkPKgXR21yD79Qs66PxjM+SH6PrbD6UEtkW
+llB42nzdiQ/8MGNCFLgnaYqUkLe58Y2oicWy7OxC+wWPxuvCW64TF8uGkDlF8ors
+J5DTX6c57HqJAJUDBRA3ovk3JBRJVbhWhOUBAWmRA/92NqJsbkEExxDNrAeQB5Y0
+draruR6h4BTWreJtFH4WitgnqOvU8ylveGLMLiv/cZKRmZuDaBncoQ+mdCMOeZNB
+qW0xGKS4nm+rTw7LlG0DjyO/fDTe8LXdQBxR5hDcm+ynfH/Q16x2Nov7DO9NBvkq
+vvp/nj2KzGH8wrgsHFzOkIkBFQIFEzeOINlR6m16P5LTsQEBE2cH/00BLuWwe/bX
+DqL9+qxsx+Ko53cuJj6ZLwc7UU/YKEW4/9q7EVG3slfbl4aPWWURH5XCpn0iDpKc
+fEvgsbGe6yEoxpDQkj2fTnU9z1B7aitb2u/a1NMhdgNBOHvU0p9dVlaanqsGG0zV
+KE2yxZOa5R7H27PESjK2vT0NxljuUV0zV65oQgb3zT8a1DNnpvbVcPskTSrPiecm
+p8B3sH0OdG9mCAEfO2QDLcg9+XDOH7M1BvH/x6eo3ccj4TUAIx0GCz3LsEenAxkw
+18Bgdu25jhBcjdgNj1yvEbD/+vc6iL3HkuPbDt2jtc25QVRNPYtMDPVOXCzRovAJ
+WOEMaLb74hiJAJUCBRA3jiC/xEaR6Lw5pc0BAZshBACeTZNGRkwDJC4BKFan90qG
+RCAxkzFCVxyFjetBqwkeFsWM4E1dKxPoObjR0lrsXt+IbxZ0xUQB6yquCyIWZvyl
+v4y77ZxBfklHQwOZimA1rinxgOsZozdAJY5OztaScc5fKEDmMGlbc8Kn0UL7k3+p
+FOF+XuMktL3ZUt9nyEbU0YkBFQMFEDeOS7Cec+sKTVjuUQEB4I0H/Aw3vqOo4y12
+XODHVnRiRcZ4fRunqF5KsqHdBuf3Bh8fH99iwlIV6rj7Rdod9OjE10ARCvoxiaYj
+Ev+DF88+xam77IkDks0IGU3ou+c2RjPI9h189FWG8q5m04ZcHtvo3GnGvmgaD5wd
+setAM/xg4279gktoUi/o/Xi6DpJ0mx0VBOuTVwnVEKoCUWJtWrOjVEF4teSrI8n4
+Mb+Y/Cche/iu8l3t9fnny90RfOg1r6jSJi7wy9XSgVangSCjWlrn/gbYmsH7wb2B
+9BUfsiEu2HAZVAIGuOZeU0nqDl4Z91aMK8scVBKBHmeST7dYB6KqXyQaGmDDsxU2
+5ks5GBPChuOJARUDBRA3jOyQaxYS8X0sCakBAd2hCAChV00lh5v4uicK+hHrL6uz
+FI0KgtehTYBLC21EW++q3g4UtVw5bg4ksGgM0cN3T2O3VJ+OIeYp2aW0DUTGVymF
+SZ7Ezt+J+YTq1PeDVpqWI16z/qvyGCJwNLWU39QnX9gYPTfoB0bYTCqnp1CZ6l/n
+E4skqiryJCyoy/icDBsErz8WkPS7R5mJlNtmO9T0WSh6w6AXQrsKKorl1p/dcyYM
+Fr+ggJ7fq1xzufnUdRi+S8rWQbIqcgIKIrGrSaHqKkf4zIHn1QBJO5HomHmLT5pp
+d6SUbXCnTFDk05uSmZHT4g4/wyqhxkWlGtyTMjDluboRUIFXR3Q1cvBMiZII0r4S
+iQCVAwUQN4uW+cmGeh06atyFAQFuigP6AltjOGhRcEg5rc3wrSZqk6fpVucw9qhh
+QKPv5aBTWtIJdIQy1mls00V4QjPW2PFGWpQJSl0ZXTLIgrr/rlBQRziJ8WFMmLhE
+c/TH1ZUSfC3P2YMd9rWxIA6Nk4c7qDmR7bYE6cvndRCEws5NCmvpigY+30tVXBU5
+bK1zgVmR/E+JARUDBRM3ieTK4clqXikoFOUBAUjKB/9FstalvSqDeMHbcYdRiC5x
+AyDA5fU6ZY1keaTSQY9qPCVfHji87wbJge2kmIxA+ldpQQQB7t3z7ktPV25o29dk
+aZpRHllDfzGd7heJPBC0DXEIXu3XZRUG19Baxt2VZ8JA/v/bzL1o/i/sLTEvDk4q
+OeB6LZrvRcK7COFYlSByZXmWcbZGV39qzykG+NxrfXqOwz4NZqebewj3e0cQ/cGv
+csRnh2IsMMfWXDOfioUgLsYQzuVP9imGhRtYzkIf0vf5A+YRBBXLvrAmp3qpJqLm
+D0pSYYGXxwbGEfLqXa2lbjDToRfDvyGfFtgen1AfgaUIKiqRVTRCvxf9ZuvQXiac
+iQCSAwUQN4UudD6Pt/L4g0HZAQGagQPjBZRiXtA4UeXk+J1zYjYKf6dq//K9Fi7z
+9U4obGoY0e0k1OcOGWEa5DWhl3vftOaiWejmU4gXveYcdVCly6fNoX1T8EAmu2Dt
+/qFxyZ8RSWb+ncTqYGM1PFVWmvJBmDfz4zg88gNLnIfxzYravVCvBpaSRjhouBPY
+BegjWUu0IUxhcnMgRWlsZWJyZWNodCA8c2Z4QHVuaXgtYWcub3JnPokAlQMFEzeo
+M+39LZCSqJB7JQEBpE8D/AunAbzd6eYOmNwVXWh6krunrxduJrLPMwBye0H2g1nH
+Vvhoo9q17Drfl72Lo/Ku2Gs19TVp+KLNk6vcol8ULAdQYftPhIUF8Hf2D2dARMlv
+jLr+fQoYYRS1GX9OoEN4G8PntE0P2aGplVuf45mUpEFaPYwW22FjFykBw7SFp/7i
+iQA/AwUQN4pfglbmlud7DA+mEQI0xgCfdPIVdT687G5021a/3W0GWJF65JQAnRba
+oZFy2n6HDJobnSOyEHHHI5E4iQEVAwUQN5TIi66tuQI8jjltAQELnQf+OcWrzHw8
+C+StgCtQmRJpMFEC6iSfnuBTAp09LFIWdXzuGI/xxyfDGAWdUBwH8mMhO7wqJ1Mx
+suptpeGpk+bif13Im6G61DJU0gtZypfe/r6cvG1DojE1esU+4sP78ZD1+bWBjkSb
+NE/YT6gqiftok/TsKvm8Ry9WwRHvRZBMQ3Y0ETtDzAQAojY74Ct6TdGz2rp2CDXj
+6zY0dt5NnHfdPjNFwCgiIGgvSwzwfyXgOB2fap7aHwqdEKZcwSjjpNolSmH/lxlR
+IrERjxGqEWGqDEDtP3q6xC6MmNq94002/hbUfLGnmZg7DT4h62ZW162XAVl8+qWV
+cmNTlRyg4NRz9YkBFQIFEzeJ+2pR6m16P5LTsQEBnlUH/ROK2rG+VFiE1o5oipaH
+oHMJAPmGCfnBlEBMPxLbRa20BEWVbQu6t8oTxhpVEXL7pCcsZIIZ01o+tiAbRAPj
+kOkTXTqi5qkHOAqqglneBr6BnbZnNiCRxKdhtJPqZJ6BbPY8xhEw0VvvAfvpjT3m
+SbskaRVhyi1q7BAn24JgiGKq/4uxw7wZ3Ew1i1nT5SlE+KfEuPk+nJz8e1nTTmFL
+pgk/9U283uXm+8OH14Xlsz+/xFfo8h8Tu8jsNvOhyA+ScgfVP8HAEdnbqDSqReOy
+PcgJL+10f7iwG2jZjYLHHOZZmSlrk5zgZK5XRSiBQlif7kQO3gk6uGmVRh0AZvHL
+nfKJAJUCBRA3ifqcxEaR6Lw5pc0BAZ5JA/9oB8luDaIxEDGe3nqccMtSSgAyCeEw
+YukeN0cZU/R9k3lsV/QpzsVJ4LSTFvb7gH/zNdYGOq93NMYD5AFVAr2mXC/znwWt
+HD+kxUXEMksSWU8hasnm90Q4MIPmlp2kTRuF7gg8e+wPGB/wkGWdc9d4R6bRPrtu
+mTHvKOsAvqieKIkAlQMFEDYpHBmazTzAqZ913QEBKhID/1nDIBaKVck0xaxXQp/J
+R4dnsKwUD38pCLEu2lIfyKPitotqyvqu6txJySt346JAo9AbT9NJdIAQ/uy5q1Xp
+dNMsQUcluapyFNlcxJqnDEVYYvF0b5u4KI65XFuminhmgrPbFv4a117J4Ov7/+AU
+v7BsSqVkxd+/CDMELFw4z+1liQCSAwUQM80O2D6Pt/L4g0HZAQHGlwPnbvChyY3a
+MfEKSYiYgP5gxUXyDVGKPcITL6gsBmKI1ZJHGPaVZMeGxVle3MXnf4APv2smqsWF
+lQLH5bq8bjq4sy67f9WmcR+rZCwPR3rMhS9IMUjGzL+ziSfK+B8x5dzMeZvu+MZs
+azI/2aqMDI3sxRyqAEEA0fgdf0JJE3y0IUxhcnMgRWlsZWJyZWNodCA8bGFyc0Bh
+cGFjaGUub3JnPokAlQMFEzeoNAP9LZCSqJB7JQEBoyYD+wXn4TqjNwDe+7JGRng/
+4TXtjYnzCrdeoEmc3b5LCtv4MadCSOfeBvDA7ZwXcEooKXvd/M4B4o6QA4SqUcJU
+5pDqdgP7nFD3IRzx/8XRy+OODciAPHrmZUelNIQ2S3vMkjpjjUf0/lQ1jVWiGllm
+lxCNe7+O+q+iCJOVsN64Er72iQCSAwUQN4UuKD6Pt/L4g0HZAQFWvQPmPTlwE9If
+rBcb6afTEb6hWewTcwLZckphgwNjcuDBccv193gl8MOhPG+wFv2c+jKwndV19NvH
+eB0r1HE0+lYqLxQI0DTGZTVGDfyQBJMKBOMLOdB5Qk12gNOXC7F8Ulhx9w/LlBs3
+1MRsl3e6TY5JyzclPP8qNSI1DhBBBzS0LUxhcnMgRWlsZWJyZWNodCA8TGFycy5F
+aWxlYnJlY2h0QHVuaXgtYWcub3JnPokAlQMFEzeoNBb9LZCSqJB7JQEBWagD/RFh
+QOAq9BlODMwwHaWhJfA7lc7aG/kLVhUoMwLWfP6WJ26BP4A1nr/zgxs8YfPVoO6j
+gQNW7umWrVLVEfSjhFNFvQ83qa7Uj0PZ5quw2IwaPhL8a0WVF68TNp4idZKbtd8z
+NJ9rYBJp++kXUUNsAAH5p86he3tT6SEee7YNtNYTiQA/AwUQN4pfkVbmlud7DA+m
+EQJw3ACaAvmnV6/Zb1fJATLrKUC2BrZcEaAAoP2dC+NFgYGECMLpAnZVaU61Zz6G
+iQEVAwUQN5TIi66tuQI8jjltAQFtfAf/Xx7ao4FjWI0Vhs2rF8B0oi3Mfoq8DV2x
+nSh/8kaBdcrqJNx2k+ra+X9FhOmbAtUSuGEFGKSfhfG01TGKAxLRTohQp6zKCAcu
+tc9jeHAYoC9X5CYH9iixOq1YmLzzmgQi/m4yUnaY7f2OOpgCdHYKqgofUHRvjBEV
+2lw/kg9iIv1ngXTOeIXEVDjpV3+l63grj0pU/lucjfLDTH3+36dsmN57xcM/RXFy
+DoDtCholTVEqkZasqxh8GU4Y+H+CLFwJBuumw2yw+JKmVZ3FP7Fy1Cki+I+fxSwC
+AXVZXSMtnJCa2hn4m9hVHSesFQ0lVAauxI9sj1/R0ldqIzd10Tt1u4kBFQIFEzeJ
++3tR6m16P5LTsQEBSS0H/RD6hglWcvD6Pp4M+/vDNe0VEdw2e/ZafV4Yf80vd97r
+/CCVqJny3DuRxj1NBZ2oKJ2NKQlKYoJbc7e420N1EXWRWgTOMxAks4pj7AcNPlMp
+6Yqg0BMk9M2n8cmJXZcJWcJH+++oisbqf1y3WBkCVNV2q3Ad5nnHeotBqmjbpHNg
+zcuJuWGfW8aDRW4722BuxxkNYOStFVXYevoUg7PU8Xwg06/0abogmQhD59Og7Pzh
+M2Tm5tBR4dssCMfx8ppog5iF5utJBU0QCAtDKzSuEH4HVNUsiJcTvqleTn3q/BUa
+KLUJ6ObQfJfsSFAowX4hfeSLCcdt1b7pLHouQoMXO8OJAJUCBRA3ifq6xEaR6Lw5
+pc0BAZMoA/0YuMwfDWhn6VO7kH5RUl/sdNBl5wSMbDfe3nDW+/KV41yOX+ISzI1v
++Dosy5qGaV2HUntJm3rXknDqnoDNdnGTaKyma6Z77fs7RUo80ZnYhSzSYWEAnzLN
+MBldwyHZI/NRbmAvsfOeyQ06nFNy2il70+WpEZBP5Caaxz7LpXN8zIkAkgMFEDPN
+DAU+j7fy+INB2QEBrfUD50++xHDXNa/IwOnZpDCohrAiLbCIWXnqVh+mTBZaOx1+
+24rQcd76B6TRonW8vAkWWuK+ugS6QXUloreRL+hva79M0hngwpaN+FuQlbjRjuAI
+oJQk/OHqEPDWdh9zg31cqfC5uJFV1baKDUdWgplQ30B3TfibfSMwcTOpds7gtDFM
+YXJzIGBTRlgnIEVpbGVicmVjaHQgPFNGWEB1bml4LWFnLnVuaS1zaWVnZW4uZGU+
+iQCVAwUTN6g0J/0tkJKokHslAQEqTwP9GdKy8Xl/DIJsQMKJ/w1ZsOyuqZL6fH3e
+xZC31Y8X6Dk8XN2Rw0KkO2PjMNpXsjd0fp59X9swTD/hf1gRIr7Uvh/p2nXfyBSD
+r4/VUHpK7tx7IB3ZolIZVvtm67+H8vfHKk9XEFgFF14+aVvKHojXZ3tsRt6Wm78n
+nJ43gdVyHr6JAHUDBRAzEfV1S1wlNB5o8N0BAX7QAwC3iuW6C34zc8We4NVTx8Op
+OkMElBEsIjyQphkyE+X/eNWIR6qIYMDeZBkfVw8VggiQKkHxb28YYmb9M7uB70Ox
+WC1Szts8Ga1bzn0dufY7xgxaT6kQatXHMUzV7r39muOJAJUCBRAw+R5/voJFl2Zs
+ya0BAVlWA/0eFxcSJrCcc6WspLfB5eJKUDVmFh3eWnvNUBZWv73yKZQanlVq9vfa
+VGztcQbeBBT4uWsmvAhsF7PLkbByp97u9dY3064tZiqYjAVrdePQbFJOZRQpxPYF
+aOVMWHKTNr29SOQynqP/Pw7mM9RUIV8DsRqgaiK/oIENXze0NL+as4kBFQMFEDEs
+VXTwiYRjAFcYEQEBWnwH/jmcYmaqYHgN4jGc2zq9e7+GIy/yeDd6Ya3MvLLIdK5k
+wWzR1jn0UdMsxpQF3rKQki8wZ0kDKYdjF3NwJedSyuM+PO4gEMabuZP2Sq4OWoWS
+O1+aJL4k3EY5l5KW216frDLOid2Tjo8TtbVsrUl1uf95SsG482lEZW1GwQPUEEhg
+GD57MGfgjykTblLJNhCN8uA1lY7mmznAnjcuEy3wfVCGPNaF31zsk/othcGdH9W3
+n3mbrjyAhkCMZRBYtx3d4QxAIDSfB7vQulwAp2Ink+3VWLZWB9eFE5OvwiypG1jY
+XfyOUkDD24oyits1OVN7z3KJQNVGpUgXJH7Q0Nok5pmJAJUDBRAw+UGLHilwjxqE
+mVEBAchWA/46j8drvA9WkMyh72akvT1GErDzE4J9dBUf7adnPQoetH/gUPenzlAs
+5kbfeCKtYjGbCdKE8iy3+sH/zHW9S4b7Bn+61xQE4duTlKT8daj1FrLUk6B0p9Pm
+X/HtQdKejyfenbiOq4pqHPDSqaTsEpkb6gA9wEwiqTIjksFnvfpgWYkAVQMFEDD5
+fUoJNGLsuYI5PQEBF9gCAJQqYY+CSP8r6HWCJaQtjDzrPoX072jD1YUgmWdBFX2Y
+E2aS0F0A4lKJWAb0xyZ4wWcl2aM5Z/3X+DAR0IClsJiJAFUCBRAw+UT5PjTM7Dn4
+WRsBAeRKAgCDTEFmWZ/tdq9pxUnAknH+U2iqZvmOjHxLL1YNLa73hCe+Im2xQ6PA
+AWdoOhYM3w8QDG8TbFEGjK4YdE2kgvRMiQCVAgUQMPjujh3Ztnhw/dexAQH49QP+
+P3GBBGu4zfPqbZsWSrH2dMTj9ncbD54nA0+FUdejBzeq5Fa7aO/Nl0okcd2VLHfU
+Y1Jnx2QN5h6CSBqOiURVTnso4NyxAEkkn2a+GBZIbrZ39JQ5STnhCoaryMP3Ujuz
+A8HS8YTqgBb/VMwJaTpuBi8fadTetcQ5dXSGBJ2PXDiJAJUCBRAw+UJ8hWrdG2nW
+nOkBAQgjBACletAHnVmcl1qJHMFiG1vzy4DUwofCS9b4o1xpwb09j7gNC+/6wlz4
+W29tAK66vj+sWxhcYuNolonnlNk+czeSJTzm0+nD3kViZMT52kn/GQ992NWpZnLo
+YWDFHO5ZC+8qkqNSfE0VQksY0OFtPkA1BSBL64oG+UnHe82BxjqqEokAVQIFEDD4
+zdqb2lGD8IQbEQEBjYUB/2eiJQSOIXRm/LXnpTIGNpH9yKtPDQcssoCQCOPB6k3t
+HCiFugT3AZCajKKCbUSU1+kZLfH0SnvyDxnhxqslt3iJAO4DBRAw4VEeit1k1hLN
+dSkBAU55BsEBICTJPEh0ftogZjiUNsfpL+C1Zj6fIXWiggXX7yQ5q0qbhIKwVhSP
+Tw6UsBezViz6hEj51qOXXfGHsp82M92goiFwDlAdKxvLboxdXUp/5BVAjKoKr2zz
+lN7Er+rVZRAiAIeuxkzR5+tSCISzNChuL/XpaNC5P0qVsEUTyWVv5bUAQKY7Ufo7
+hToquvOvnhPZCgQiJgiLYQXhP3H+iX8LkuPtbovjJpJKq5zvPtO23Y25Fk0s0y95
+ddr/7TNqfBcKqbONcvt5yBDs6uyLH+MwY38NmSnl2xF6tDNMYXJzIGBTRlgnIEVp
+bGVicmVjaHQgPFNGWEBhcHBsMi5ocnoudW5pLXNpZWdlbi5kZT6JAJUDBRM3qDQ5
+/S2QkqiQeyUBAdsdA/0WrlL1R5qp2xRjRwSQpnORCm53cIEVEvm43L9MsSKRXbJc
+YmWorKIqjUKkazywiOmuz8BJU30NM29z7zoLizMuM2AVGrabnaK8Xg7LECBMtAJD
+coSLTlKczVKAL84pfqs9HVKzTDwL1RA/6N4pgvbVQmPFS0TTyemiC03kiCM2tIkA
+lQIFEDD5Hv6+gkWXZmzJrQEBD9QD/iIIvOUqyKRBWjHgJD7zoskxDQH/YVhJu59z
+oCEOJGwXFPLlT3cemeMCaVLa5XvoDnLYWZ/bfI5nFd9vF9GwwbmP8/x39Z3N2xKf
+JpD8eH5inu5AwtIskfXjmcZhSfDgv2XpAaFigz3wIBt+XbkPRxJJxfqD5oJ1ys0q
+Ne0U6jjyiQEVAwUQMSxVrvCJhGMAVxgRAQHLVgf/cW6FlzmOeIvJ/3yB7vhSOlpi
+vnY00iKnzzCpWLOasaC4NPazhqNIewBa01KSuamIicYkzXk8MeaTq5EaQfJyA+Nt
+dWSm/3/ivKWoO4KaqJbVPnxaDnB2KBH+2mq0BJ4rS4i2jVZuopbtMAHV+lQUHaVH
+826YaFPa+425A/H+Oaqn2EdkL80fpIJsACsudYPDGCKS3zcMjspVK1cXqNRDzIOZ
+8I/XtyNEJpw1yRGft4jrn4lj9jU4y0v6sFOt6jpuvAmyRN/pebwjYJw1Ye697MMk
+n0nEafH55Et+XfdBOYNm3Sb/J2g8j2JVVhN6JKuFYyM1kvK13Rky3SiLPUzD94kA
+lQIFEDD5QqqFat0badac6QEB6HsD/RooPR6pFnSisCerTlPhSvDI2gl2HUMFw0CZ
+J5JKVlj5GFDZp5jl0yhgCFCweFuE7RUgMOkvGeEoEPZeyipacsrVIcO26aCQyerL
+TQd6JTgOuCEeEvkjBwiqOrVNSEPM5TWPzQc7Q7IDtKTsCT+xNGtO6Pi2+ArZaodZ
+Ttp4tXkCiQBVAgUQMPjOC5vaUYPwhBsRAQHdVAH/eIgCk6fo3/Mvxu7IESdDLM/o
+zh14yvZz6FvC/VKtSp51goqsV5jI9wKANIjonLeO7GJubjO+lqHvsEVsGQ+wpIkA
+7gMFEDDhUjOK3WTWEs11KQEBgTUGwQGH8Ic7zNaUlRmYm5J8R375iP8CrJ/xILbE
+T69VsR2aDG2MA2z8NBBkV1ARrAC2YWa9sO91yCyf3NAI6I1oqtbv/09Im/s0bTu6
+6dWrqRAiuTB3Ou+gHJ0fc85gTWcBd9/xS/mNlZb1/ZXjkBaYdl0Bzm72c3+HqZjH
+zT3nlxVY5HCi15J4iDgCuCPzeo1r8QgGmsbP7fD+0Hka7tlXb87WxPZt+nkjGS9x
+mLrNHw5/vJpcN4+fzevzhTQD8IcsUr0QcZUH9jZpm6xWpibPF5z7FzXTorguf+W0
+M0xhcnMgYFNGWCcgRWlsZWJyZWNodCA8U0ZYQGFwcGwxLmhyei51bmktc2llZ2Vu
+LmRlPokAlQMFEzeoNFL9LZCSqJB7JQEB8hcD/jiiaI17W2zC2gtJuqZq0tBAOWJG
+1e7Q7NcadfGQpEj4iceT5pTOK64mvyXWhMUUq9vEq8SPNowk1s6830uQyAQftco5
+xZ+RuT5ZYqPx3faku5Q16HRaBeJQEfxys14SEMP7K8fiuP4iHLmXLwThPE0EsUA0
+VTaVptaQwwto5ruIiQCVAgUQMPke2r6CRZdmbMmtAQGOzAP/U3CbvKhXqyPupOIp
+pb1LcNAPcspe3B6IN1gXSWn3rUhaS7IG6vhpgE1E5ArzbMVCoo0p+yb4Ve743oBh
+DbMRQkRSRP1FCCayt9TWrTrtmij51yTlPbO4f7+SqYX23bwa/iOPFVOK3oL3Y0SF
+yK6007jyQrfYFPaaBfbDu12zobiJARUDBRAxLFW88ImEYwBXGBEBAVQqB/9jgON6
+jXz5kB+vQEqXXg/b10orenw4tyepeHqO4F9NGJacUm2tB8Yf3DelC+mLZFG4NlNN
+DOE7h46raDmDL0zK1TWG0tFWlXAGeaaMtFbPRYaqvjLhlQtuDeFrk2x8Gml2AcqT
+lj4Gm28gv/ftkGTO2SIFd+zRltzd9lHhtJTXEM4T4dLQGh87G5up9msJm8CMwILk
+0nhHXcfzGdiDo0pAICo594I5VaQadz8ErtUCsxeMLyj/2dAPNjZ9E8g0+cJvh//g
++6fA6sTNrrMvFd+A2tpAnX1ug9v+j0MGW805aSr2BKZWdMSSqsQy2Jd3fUoBT8tU
+JEf/vSbHtdmQXn83iQBVAwUQMPl9jgk0Yuy5gjk9AQFbSQH/Sz0CprAeon/Ss72O
+wyGTe+4c2DBUXgOgpMvkQMg5ERNxwB/hRlUmj4nOaNjFzV/ZGTCQyST831p8pmZw
+1JjO14kAVQIFEDD5RRk+NMzsOfhZGwEBqHsCAIhZH8c235XbRsO54I72aHAaKurk
+TtMlT4L3FP7cF5lebLL8BHu1Yl0qcLqVoYMucySjcJav9dEoP6sLTnSc2yuJAJUC
+BRAw+O7dHdm2eHD917EBAXRrA/9xfAgFoQCPgP9KHMydrc1D8QzhpOeIAd1Ugfh3
+pSHZHAMKhi3ofAQ/XXF8HAjpsNaVCF1SAPMY5eY7ErG/9e2Li+Ic7A7UqqNG0c7I
+N/iEj+i7anRue1cxnnJW/RZqTJbuRh3srFNth38JMp7wcH7zCSPyHWlvfUkmhfNa
+yCbBeIkAlQIFEDD5QtiFat0badac6QEBBTAD/0BSoVCxdb2QyLlGighOJBtHKe6c
++HZqpp1We4tmgCHGnXpz4RBilzhCLqMs8FV6Yd1Lg9by8l6AXWkm0NnhV8s3DCQj
+GPtjSFTwDgFwdQh8V04RHtLBtb+LtBNTy7e80d+aAih2/X0PusXETOqo/EwdGkiz
+z8g4b0vfNzeRXyudiQBVAgUQMPjOLJvaUYPwhBsRAQGDqQIA2P2avbSBxhFnh4N+
+e5NKRK+2O8qjHQS0z5ScACCKHFSrm80JkMR6iFlJkFH+namS1xK75x2TlsEUe3OR
+o1O3zYkAVQIFEC/S7ZyZNU6jaP3/TQEB25sCAJyZCXeC915C4DbNKaoc2sIRd2aM
+giW05ZzxYUI8mMO3pzZwF2a7Cg5iSdZYYMwpe9OWHqU+AhXHd+GWGhvHEUqJAJUC
+BRAv0z5HRrGJ++Deqm0BAXu0A/sHvzL3eBqiMMwLw3B+I0qHuXlwGHQ40D5bWDc7
+tgsTlbtn986Dgfek66OepTsfc2wKGYPG0EpAgiJlemc2Dg23cXvrm3wQ+syaONAn
+hrr7wId+ZeZ81Jao8x2OAlbjKQydRqwaGAXVnx+U02R8fmB9b0avxRwKWAqprnG+
+SELlzIkAVQMFEC/TO8pDBndHH+0DOwEBWzQB/3VwSMfehk8hrJ1JnE9SMXVITen3
+c2djoDeYplHW+R7AbqxGpVrgw7iXDzDwBTuB7au/C6kXfB4XVn0MbZtq4aaJAJUC
+BRAv0zhK5cuGDKtEoMkBAf+9BACMYzfvQzBwh+a1D17/SPSfO1DBDXx1cwD50zI0
+eIatz4kLvW7nOPHCY7tHVW/tlIBp/0+yUX/XXzBLp8WD0E/4s7lPgPjjAwlN+Iwy
+/fRDhJ/Gf0Nf03eJjMvU9MeaUI58JBCq8LjnVdtxcQKqapYcSogjz//jD+H3KuX/
+kX+5eYkAVQIFEC/SVx/9mEr5stbwpQEBz+sB/2uYnno7jRBUPzTf5tTXNKJITXH4
+VRG35x4CyjOqj21oWhEgZdNrwymzBK3IAuckqnIOQYSdN9F0BFVC1wTNgmeJAFUC
+BRAv0kO/ERkJHPqUz38BAbbHAf4hAAlkS+V00fN6KR7PXxPHLXYScn2T7NrauM9W
+eVfv614hjdU07WGiZSDCqOg4elmR0aB052a586CVPdGquTkViQCVAgUQL9G37UlJ
+piwTnZDhAQHNRgQAyidzdQU2MaifwX+iZzQ88Det8fYhLobfUU3p9FqtbU/CTsJa
+XHfCAebqA73F9XmUOMEn6VWZuYvP/UxmGDrjp4VFu6C0Fhs5fATrOY2soGFyFW55
+U43PBY8gDwFm1HYvDoKKQA6EqCXid2Dw87xRSDyCHRVQoZM8MrQwpHtkKkaJAFUC
+BRAv0hc+eYwYDHu3XYkBAakgAf9muXXpQvDf+CXtPXURudsD1PcuNe4PhMbcgZ4R
+XfPXBtGnbbvI3XZrc9tq8QomPWZ9atlpPz1e3WyZgFojBfhqiQCVAgUQLxgZ6khf
+qy8j2SvjAQGc7QP/VHgeVQzjcJSPF2KfNyKM4nFE17uJ5emnvE2f1K4mi0NV4IsN
+EVKmYXYQVvQoPKhfZtjXzE9P2xa0gxi/heKBIHB+5H5Kn4nUIt0/7POYhltkFz7c
+bnEzqeKm9oqXUOSFKUup51bh2aDWsqAI5dgod3MdRxqd40TiuShaVXAbmuGJAJUC
+BRAuzX6/HilwjxqEmVEBAfBcA/wIosNYUsnsVzclnQye4/Fbv0z2dFDAvZMj9V3i
+UJRKIM5R0S+NTjkwuYuBT7g5k095doFIuQ3jPw9STEYQS9J4IUTu7ThU2rUYnZoL
+58dUXO5ZunQux7OoNKebrG8HHPjTIRpmeRe7f7rqRdlX8TgE0iQJoHlXapfGsEiD
+QPXSIIkAlAIFEC7Htq4PRy9bNNdNwQEBM1UD+NT5tNSqeVl2t/oqAK/6EM6zpU7n
+fxwTFA2wGXvHzYONunxDm3bVgRXwuIU3WKa4tiodeoMQe3uq2ug1oFheCdHbhCMj
+e6t6X6RgyJtlbEaurfzYLZqlF5oQOZDWq0TM/6Rd7FprADMoyjxUpYydeNBgEtmi
+G5Sp9yIT0Ds5AXWJAEUCBRAuvsWtldOLUWZxqVUBAU4tAX9YK5N9ywRzvPVYrkEx
+CW0KCc2+7PSGKY0/YXE+XiDmure7yLTd2o9u5XB+vFLPL6Y=
+=Duku
 -----END PGP PUBLIC KEY BLOCK-----
diff --git a/usr.sbin/httpd/LICENSE.SSL b/usr.sbin/httpd/LICENSE.SSL
index af6ca3f29a3..abe9a13f1dc 100644
--- a/usr.sbin/httpd/LICENSE.SSL
+++ b/usr.sbin/httpd/LICENSE.SSL
@@ -1,8 +1,8 @@
                        _             _ 
-   _ __ ___   ___   __| |    ___ ___| |  
-  | '_ ` _ \ / _ \ / _` |   / __/ __| |  
-  | | | | | | (_) | (_| |   \__ \__ \ |  mod_ssl - Apache Interface to SSLeay  
-  |_| |_| |_|\___/ \__,_|___|___/___/_|  http://www.engelschall.com/sw/mod_ssl/
+   _ __ ___   ___   __| |    ___ ___| |  mod_ssl
+  | '_ ` _ \ / _ \ / _` |   / __/ __| |  Apache Interface to OpenSSL
+  | | | | | | (_) | (_| |   \__ \__ \ |  www.modssl.org
+  |_| |_| |_|\___/ \__,_|___|___/___/_|  ftp.modssl.org
                        |_____|         
   _____________________________________________________________________________
   
@@ -18,7 +18,7 @@
   detailed license information follows.
 
   ====================================================================
-  Copyright (c) 1998 Ralf S. Engelschall. All rights reserved.
+  Copyright (c) 1998-1999 Ralf S. Engelschall. All rights reserved.
  
   Redistribution and use in source and binary forms, with or without
   modification, are permitted provided that the following conditions
@@ -36,7 +36,7 @@
      software must display the following acknowledgment:
      "This product includes software developed by 
       Ralf S. Engelschall <rse@engelschall.com> for use in the
-      mod_ssl project (http://www.engelschall.com/sw/mod_ssl/)."
+      mod_ssl project (http://www.modssl.org/)."
  
   4. The names "mod_ssl" must not be used to endorse or promote
      products derived from this software without prior written
@@ -51,7 +51,7 @@
      acknowledgment:
      "This product includes software developed by 
       Ralf S. Engelschall <rse@engelschall.com> for use in the
-      mod_ssl project (http://www.engelschall.com/sw/mod_ssl/)."
+      mod_ssl project (http://www.modssl.org/)."
  
   THIS SOFTWARE IS PROVIDED BY RALF S. ENGELSCHALL ``AS IS'' AND ANY
   EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
diff --git a/usr.sbin/httpd/Makefile.bsd-wrapper b/usr.sbin/httpd/Makefile.bsd-wrapper
new file mode 100644
index 00000000000..cadd508bcd9
--- /dev/null
+++ b/usr.sbin/httpd/Makefile.bsd-wrapper
@@ -0,0 +1,489 @@
+# Build wrapper for Apache 
+# $OpenBSD: Makefile.bsd-wrapper,v 1.1 1999/09/29 06:42:44 beck Exp $
+
+# Our lndir is hacked; specify a full path to avoid potential conflicts
+# with the one installed with X11.
+LNDIR=          /usr/bin/lndir
+
+
+#   OpenBSD apache path layout.
+#<Layout OpenBSD>
+#    prefix:        /var/www
+#    exec_prefix:   /usr
+#    bindir:        /usr/bin
+#    sbindir:       /usr/sbin
+#    libexecdir:    /usr/lib/apache/modules
+#    mandir:        /usr/share/man
+#    sysconfdir:    /var/www/conf
+#    datadir:       /var/www
+#    iconsdir:      /var/www/icons
+#    htdocsdir:     /var/www/htdocs
+#    cgidir:        /var/www/cgi-bin
+#    includedir:    /usr/lib/apache/include
+#    localstatedir: /var/www
+#    runtimedir:    /var/www/logs
+#    logfiledir:    /var/www/logs
+#    proxycachedir: /var/www/proxy
+#</Layout>
+#
+
+WWWROOT= /var/www
+HTTPD_PREFIX=	/var/www
+HTTPD_BINDIR=	/usr/bin
+HTTPD_SBINDIR=	/usr/sbin
+HTTPD_LIBEXECDIR= /usr/lib/apache/modules
+HTTPD_CONFDIR=	/var/www/conf
+HTTPD_DATADIR=	/var/www
+HTTPD_LOGDIR=	/var/www/logs
+HTTPD_RUNDIR=	/var/www/logs
+HTTPD_HTDOCSDIR= /var/www/htdocs
+HTTPD_ICONSDIR=	/var/www/icons
+HTTPD_INCLUDEDIR=	/usr/lib/apache/include
+
+CONFIG_ARGS=	--with-layout=OpenBSD --enable-module=ssl
+
+# If you support dynamic loading, enable the so module
+.if ${MACHINE_ARCH} == "i386"
+CONFIG_ARGS+= --enable-module=so
+.endif
+.if ${MACHINE_ARCH} == "m68k"
+CONFIG_ARGS+= --enable-module=so
+.endif
+.if ${MACHINE_ARCH} == "sparc"
+CONFIG_ARGS+= --enable-module=so
+.endif
+.if ${MACHINE_ARCH} == "mips"
+CONFIG_ARGS+= --enable-module=so
+.endif
+
+
+PERLPATH= /usr/bin/perl
+
+MUNGEDFILES =	${.OBJDIR}/src/ap/Makefile \
+		${.OBJDIR}/src/include/ap_config_auto.h \
+		${.OBJDIR}/src/lib/expat-lite/Makefile \
+		${.OBJDIR}/src/lib/Makefile \
+		${.OBJDIR}/src/main/Makefile \
+		${.OBJDIR}/src/modules/standard/Makefile \
+		${.OBJDIR}/src/modules/ssl/Makefile \
+		${.OBJDIR}/src/modules/Makefile \
+		${.OBJDIR}/src/os/unix/Makefile \
+		${.OBJDIR}/src/regex/Makefile \
+		${.OBJDIR}/src/support/Makefile \
+		${.OBJDIR}/src/apaci \
+		${.OBJDIR}/src/Makefile ${.OBJDIR}/src/Makefile.config \
+		${.OBJDIR}/src/modules.c \
+		${.OBJDIR}/src/Configuration.apaci ${.OBJDIR}/Makefile \
+		${.OBJDIR}/config.status
+BINFILES= src/support/htdigest src/support/htpasswd \
+
+SBINFILES= \
+	src/httpd src/support/ab \
+	src/support/logresolve src/support/rotatelogs
+
+MAN1SRCS= \
+	src/support/dbmmanage.1 src/support/htdigest.1 src/support/htpasswd.1
+
+MAN8SRCS= \
+	src/support/ab.8 src/support/apachectl.8 src/support/logresolve.8 \
+	src/support/httpd.8 src/support/rotatelogs.8
+
+INCFILES= 	src/include/alloc.h \
+	src/include/util_script.h \
+	src/include/util_md5.h \
+	src/include/util_date.h \
+	src/include/scoreboard.h \
+	src/include/rfc1413.h \
+	src/include/multithread.h \
+	src/include/httpd.h \
+	src/include/http_vhost.h \
+	src/include/http_request.h \
+	src/include/http_protocol.h \
+	src/include/http_main.h \
+	src/include/http_log.h \
+	src/include/http_core.h \
+	src/include/http_config.h \
+	src/include/http_conf_globals.h \
+	src/include/hsregex.h \
+	src/include/fnmatch.h \
+	src/include/explain.h \
+	src/include/conf.h \
+	src/include/compat.h \
+	src/include/buff.h \
+	src/include/ap_mm.h \
+	src/include/ap_sha1.h \
+	src/include/ap_mmn.h \
+	src/include/ap_md5.h \
+	src/include/ap_hook.h \
+	src/include/ap_ctype.h \
+	src/include/ap_ctx.h \
+	src/include/ap_config_auto.h \
+	src/include/ap_config.h \
+	src/include/ap_compat.h \
+	src/include/ap.h \
+	src/include/util_uri.h 
+
+CONFFILES= \
+	conf/srm.conf-dist conf/access.conf-dist conf/httpd.conf-dist \
+	conf/mime.types conf/access.conf conf/httpd.conf \
+	conf/magic conf/srm.conf 
+
+HTDOCS= \
+	htdocs/apache_pb.gif htdocs/index.html htdocs/openbsdpower.gif \
+	htdocs/blowfish.jpg htdocs/bsd_small.gif htdocs/lock.gif \
+	htdocs/logo23.jpg htdocs/logo24.jpg htdocs/smalltitle.gif 
+
+CGIFILES= \
+	cgi-bin/printenv cgi-bin/test-cgi	
+
+MANUALFILES= \
+	manual/mod/core.html  \
+	manual/mod/directive-dict.html \
+	manual/mod/directives.html \
+	manual/mod/footer.html \
+	manual/mod/header.html \
+	manual/mod/index.html \
+	manual/mod/mod_access.html \
+	manual/mod/mod_actions.html \
+	manual/mod/mod_alias.html \
+	manual/mod/mod_asis.html \
+	manual/mod/mod_auth.html \
+	manual/mod/mod_auth_anon.html \
+	manual/mod/mod_auth_db.html \
+	manual/mod/mod_auth_dbm.html \
+	manual/mod/mod_auth_digest.html \
+	manual/mod/mod_autoindex.html \
+	manual/mod/mod_browser.html \
+	manual/mod/mod_cern_meta.html \
+	manual/mod/mod_so.html \
+	manual/mod/mod_cgi.html \
+	manual/mod/mod_cookies.html \
+	manual/mod/mod_digest.html \
+	manual/mod/mod_dir.html \
+	manual/mod/mod_dld.html \
+	manual/mod/mod_dll.html \
+	manual/mod/mod_env.html \
+	manual/mod/mod_example.html \
+	manual/mod/mod_expires.html \
+	manual/mod/mod_headers.html \
+	manual/mod/mod_imap.html \
+	manual/mod/mod_include.html \
+	manual/mod/mod_info.html \
+	manual/mod/mod_isapi.html \
+	manual/mod/mod_log_agent.html \
+	manual/mod/mod_log_common.html \
+	manual/mod/mod_log_config.html \
+	manual/mod/mod_log_referer.html \
+	manual/mod/mod_mime.html \
+	manual/mod/mod_ssl/index.html \
+	manual/mod/mod_ssl/ssl_compat.gfont000.gif \
+	manual/mod/mod_ssl/ssl_compat.html \
+	manual/mod/mod_ssl/ssl_compat.wml \
+	manual/mod/mod_ssl/ssl_cover.wml \
+	manual/mod/mod_ssl/ssl_cover_logo.jpg \
+	manual/mod/mod_ssl/ssl_cover_title.jpg \
+	manual/mod/mod_ssl/ssl_faq.gfont000.gif \
+	manual/mod/mod_ssl/ssl_faq.html \
+	manual/mod/mod_ssl/ssl_faq.wml \
+	manual/mod/mod_ssl/ssl_glossary.html \
+	manual/mod/mod_ssl/ssl_glossary.wml \
+	manual/mod/mod_ssl/ssl_howto.gfont000.gif \
+	manual/mod/mod_ssl/ssl_howto.html \
+	manual/mod/mod_ssl/ssl_howto.wml \
+	manual/mod/mod_ssl/ssl_intro.gfont000.gif \
+	manual/mod/mod_ssl/ssl_intro.html \
+	manual/mod/mod_ssl/ssl_intro.wml \
+	manual/mod/mod_ssl/ssl_intro_fig1.gif \
+	manual/mod/mod_ssl/ssl_intro_fig2.gif \
+	manual/mod/mod_ssl/ssl_intro_fig3.gif \
+	manual/mod/mod_ssl/ssl_overview.gfont000.gif \
+	manual/mod/mod_ssl/ssl_overview.html \
+	manual/mod/mod_ssl/ssl_overview.wml \
+	manual/mod/mod_ssl/ssl_overview_fig1.gif \
+	manual/mod/mod_ssl/ssl_reference.gfont000.gif \
+	manual/mod/mod_ssl/ssl_reference.html \
+	manual/mod/mod_ssl/ssl_reference.wml \
+	manual/mod/mod_ssl/ssl_template.head-chapter.gif \
+	manual/mod/mod_ssl/ssl_template.head-num-1.gif \
+	manual/mod/mod_ssl/ssl_template.head-num-2.gif \
+	manual/mod/mod_ssl/ssl_template.head-num-3.gif \
+	manual/mod/mod_ssl/ssl_template.head-num-4.gif \
+	manual/mod/mod_ssl/ssl_template.inc \
+	manual/mod/mod_ssl/ssl_template.head-num-5.gif \
+	manual/mod/mod_ssl/ssl_template.head-num-6.gif \
+	manual/mod/mod_ssl/ssl_template.head-num-7.gif \
+	manual/mod/mod_ssl/ssl_template.imgdot-1x1-000000.gif \
+	manual/mod/mod_ssl/ssl_template.imgdot-1x1-transp.gif \
+	manual/mod/mod_ssl/ssl_template.navbut-next-n.gif \
+	manual/mod/mod_ssl/ssl_template.navbut-next-s.gif \
+	manual/mod/mod_ssl/ssl_template.navbut-prev-n.gif \
+	manual/mod/mod_ssl/ssl_template.navbut-prev-s.gif \
+	manual/mod/mod_ssl/ssl_template.title-abstract.gif \
+	manual/mod/mod_ssl/ssl_template.title-compat.gif \
+	manual/mod/mod_ssl/ssl_template.title-faq.gif \
+	manual/mod/mod_ssl/ssl_template.title-gloss.gif \
+	manual/mod/mod_ssl/ssl_template.title-howto.gif \
+	manual/mod/mod_ssl/ssl_template.title-intro.gif \
+	manual/mod/mod_ssl/ssl_template.title-over.gif \
+	manual/mod/mod_ssl/ssl_template.title-preface.gif \
+	manual/mod/mod_ssl/ssl_template.title-ref.gif \
+	manual/mod/mod_ssl/ssl_template.title-toc.gif \
+	manual/mod/mod_ssl/ssl_template.title-tutor.gif \
+	manual/mod/mod_mime_magic.html \
+	manual/mod/mod_mmap_static.html \
+	manual/mod/mod_negotiation.html \
+	manual/mod/mod_proxy.html \
+	manual/mod/mod_rewrite.html \
+	manual/mod/mod_setenvif.html \
+	manual/mod/mod_speling.html \
+	manual/mod/mod_status.html \
+	manual/mod/mod_unique_id.html \
+	manual/mod/mod_userdir.html \
+	manual/mod/mod_usertrack.html \
+	manual/mod/mod_vhost_alias.html \
+	manual/mod/mod_define.html \
+	manual/LICENSE \
+	manual/bind.html \
+	manual/cgi_path.html \
+	manual/content-negotiation.html \
+	manual/custom-error.html \
+	manual/dns-caveats.html \
+	manual/dso.html \
+	manual/ebcdic.html \
+	manual/env.html \
+	manual/footer.html \
+	manual/handler.html \
+	manual/header.html \
+	manual/index.html \
+	manual/install-tpf.html \
+	manual/install.html \
+	manual/invoking.html \
+	manual/keepalive.html \
+	manual/location.html \
+	manual/man-template.html \
+	manual/multilogs.html \
+	manual/new_features_1_0.html \
+	manual/new_features_1_1.html \
+	manual/new_features_1_2.html \
+	manual/new_features_1_3.html \
+	manual/process-model.html \
+	manual/readme-tpf.html \
+	manual/sections.html \
+	manual/sourcereorg.html \
+	manual/stopping.html \
+	manual/suexec.html \
+	manual/suexec_1_2.html \
+	manual/unixware.html \
+	manual/upgrading_to_1_3.html \
+	manual/windows.html \
+	manual/images/custom_errordocs.gif \
+	manual/images/home.gif \
+	manual/images/index.gif \
+	manual/images/mod_rewrite_fig1.fig \
+	manual/images/mod_rewrite_fig1.gif \
+	manual/images/mod_rewrite_fig2.fig \
+	manual/images/mod_rewrite_fig2.gif \
+	manual/images/sub.gif \
+	manual/images/apache_pb.gif \
+	manual/images/mod_ssl_sb.gif \
+	manual/images/openssl_ics.gif \
+	manual/misc/API.html \
+	manual/misc/fin_wait_2.html \
+	manual/misc/FAQ.html \
+	manual/misc/known_client_problems.html \
+	manual/misc/client_block_api.html \
+	manual/misc/compat_notes.html \
+	manual/misc/custom_errordocs.html \
+	manual/misc/descriptors.html \
+	manual/misc/HTTP_Features.tsv \
+	manual/misc/footer.html \
+	manual/misc/header.html \
+	manual/misc/howto.html \
+	manual/misc/index.html \
+	manual/misc/perf-bsd44.html \
+	manual/misc/nopgp.html \
+	manual/misc/perf-tuning.html \
+	manual/misc/perf-dec.html \
+	manual/misc/perf-hp.html \
+	manual/misc/security_tips.html \
+	manual/misc/perf.html \
+	manual/misc/vif-info.html \
+	manual/misc/windoz_keepalive.html \
+	manual/search/manual-index.cgi \
+	manual/vhosts/details.html \
+	manual/vhosts/details_1_2.html \
+	manual/vhosts/examples.html \
+	manual/vhosts/fd-limits.html \
+	manual/vhosts/footer.html \
+	manual/vhosts/header.html \
+	manual/vhosts/host.html \
+	manual/vhosts/index.html \
+	manual/vhosts/ip-based.html \
+	manual/vhosts/mass.html \
+	manual/vhosts/name-based.html \
+	manual/vhosts/vhosts-in-depth.html \
+	manual/vhosts/virtual-host.html
+		
+		
+ICONFILES= \
+	icons/README icons/a.gif icons/alert.black.gif \
+	icons/alert.red.gif icons/apache_pb.gif icons/back.gif \
+	icons/ball.gray.gif icons/ball.red.gif icons/binary.gif \
+	icons/binhex.gif icons/blank.gif icons/bomb.gif icons/box1.gif \
+	icons/box2.gif icons/broken.gif icons/burst.gif icons/c.gif \
+	icons/comp.blue.gif icons/comp.gray.gif icons/compressed.gif \
+	icons/continued.gif icons/dir.gif icons/dvi.gif icons/down.gif \
+	icons/f.gif icons/folder.gif icons/folder.open.gif \
+	icons/folder.sec.gif icons/forward.gif icons/generic.gif \
+	icons/generic.red.gif icons/generic.sec.gif \
+	icons/hand.right.gif icons/hand.up.gif icons/icon.sheet.gif \
+	icons/image1.gif icons/image2.gif icons/image3.gif \
+	icons/index.gif icons/layout.gif icons/left.gif icons/link.gif \
+	icons/movie.gif icons/p.gif icons/patch.gif icons/pdf.gif \
+	icons/pie0.gif icons/pie1.gif icons/pie2.gif icons/pie3.gif \
+	icons/pie4.gif icons/pie5.gif icons/pie6.gif icons/pie7.gif \
+	icons/pie8.gif icons/portal.gif icons/ps.gif icons/quill.gif \
+	icons/right.gif icons/screw1.gif icons/screw2.gif \
+	icons/script.gif icons/sound1.gif icons/sound2.gif \
+	icons/sphere1.gif icons/sphere2.gif icons/tar.gif \
+	icons/tex.gif icons/text.gif icons/transfer.gif \
+	icons/unknown.gif icons/up.gif icons/uu.gif \
+	icons/uuencoded.gif icons/world1.gif icons/world2.gif \
+	icons/small/README.txt icons/small/back.gif \
+	icons/small/binary.gif icons/small/binhex.gif \
+	icons/small/blank.gif icons/small/broken.gif \
+	icons/small/burst.gif icons/small/comp1.gif \
+	icons/small/comp2.gif icons/small/compressed.gif \
+	icons/small/continued.gif icons/small/dir.gif \
+	icons/small/dir2.gif icons/small/doc.gif \
+	icons/small/forward.gif icons/small/generic.gif \
+	icons/small/generic2.gif icons/small/generic3.gif \
+	icons/small/image.gif icons/small/image2.gif \
+	icons/small/index.gif icons/small/key.gif \
+	icons/small/movie.gif icons/small/patch.gif icons/small/ps.gif \
+	icons/small/rainbow.gif icons/small/sound.gif \
+	icons/small/sound2.gif icons/small/tar.gif \
+	icons/small/text.gif icons/small/transfer.gif \
+	icons/small/unknown.gif icons/small/uu.gif  
+
+
+.include <bsd.own.mk>
+
+all: 	prereq
+	cd ${.OBJDIR} && ${MAKE}
+
+
+prereq: ${.OBJDIR}/config.status
+
+${.OBJDIR}/config.status : ${.OBJDIR}/config.layout
+	cd ${.OBJDIR} && sh configure ${CONFIG_ARGS}
+
+.if !exists(${.OBJDIR}/config.layout)
+${.OBJDIR}/config.layout: ${.CURDIR}/config.layout
+	${LNDIR} -s -e obj -e obj.${MACHINE_ARCH} -e Makefile.bsd-wrapper ${.CURDIR}
+.endif
+
+includes: prereq
+	@-for i in ${INCFILES}; do \
+		j=`basename $$i`; \
+		echo "Installing ${DESTDIR}${HTTPD_INCLUDEDIR}/$$j"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${HTTPD_INCLUDEDIR}; \
+	done
+
+install:
+	@-for i in ${BINFILES}; do \
+		j=`basename $$i`; \
+		echo "Installing ${DESTDIR}${HTTPD_BINDIR}/$$j"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 555 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${HTTPD_BINDIR}; \
+	done
+	@-for i in ${SBINFILES}; do \
+		j=`basename $$i`; \
+		echo "Installing ${DESTDIR}${HTTPD_SBINDIR}/$$j"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 555 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${HTTPD_SBINDIR}; \
+	done
+	@d=`mktemp -d /tmp/httpdXXXXXXXXXX`; \
+	echo "Installing ${DESTDIR}${HTTPD_BINDIR}/apxs"; \
+	j="sed -e 's;^#!/.*;#!${PERLPATH};' \
+		-e 's;\@prefix\@;${HTTPD_PREFIX};' \
+		-e 's;\@sbindir\@;${HTTPD_SBINDIR};' \
+		-e 's;\@libexecdir\@;${HTTPD_LIBEXECDIR};' \
+		-e 's;\@includedir\@;${HTTPD_INCLUDEDIR};' \
+		-e 's;\@sysconfdir\@;${HTTPD_CONFDIR};' \
+		< ${.OBJDIR}/src/support/apxs > $$d/apxs && \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 555 \
+		$$d/apxs ${DESTDIR}${HTTPD_SBINDIR}"; \
+		echo $$j; \
+		eval $$j; \
+	echo "Installing ${DESTDIR}${HTTPD_BINDIR}/apachectl"; \
+	j="sed -e 's;PIDFILE=.*;PIDFILE=${HTTPD_RUNDIR}/httpd.pid;' \
+		-e 's;HTTPD=.*;HTTPD=${HTTPD_SBINDIR}/httpd;' \
+		< ${.OBJDIR}/src/support/apachectl > $$d/apachectl && \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 555 \
+		$$d/apachectl ${DESTDIR}${HTTPD_SBINDIR}"; \
+		echo $$j; \
+		eval $$j; \
+	echo "Installing ${DESTDIR}${HTTPD_BINDIR}/dbmmanage"; \
+	j="sed -e 's;^#!/.*;#!${PERLPATH};' \
+		< ${.OBJDIR}/src/support/dbmmanage > $$d/dbmmanage && \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 555 \
+		$$d/dbmmanage ${DESTDIR}${HTTPD_BINDIR}"; \
+		echo $$j; \
+		eval $$j; \
+	rm -rf $$d
+	
+clean: prereq
+	cd ${.OBJDIR} && ${MAKE} clean
+
+cleandir: clean
+	cd ${.OBJDIR} && rm -f ${MUNGEDFILES}
+
+test:
+	# Nothing here so far...
+
+depend: prereq
+	# Nothing here so far...
+
+lint:
+	# Nothing here so far...
+
+tags:
+	# Nothing here so far...
+
+distribution:
+	@-for i in ${CONFFILES}; do \
+		j=`dirname $$i`; \
+		echo "Installing ${DESTDIR}${WWWROOT}/$$i"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${WWWROOT}/$$j/; \
+	done
+	@-for i in ${HTDOCS}; do \
+		j=`dirname $$i`; \
+		echo "Installing ${DESTDIR}${WWWROOT}/$$i"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${WWWROOT}/$$j/; \
+	done
+	@-for i in ${MANUALFILES}; do \
+		j=`dirname $$i`; \
+		echo "Installing ${DESTDIR}${WWWROOT}/$$i"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+		    ${.OBJDIR}/htdocs/$$i ${DESTDIR}${WWWROOT}/htdocs/$$j/; \
+	done
+	@-for i in ${CGIFILES}; do \
+		j=`dirname $$i`; \
+		echo "Installing ${DESTDIR}${WWWROOT}/$$i"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 000 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${WWWROOT}/$$j/; \
+	done
+	@-for i in ${ICONFILES}; do \
+		j=`dirname $$i`; \
+		echo "Installing ${DESTDIR}${WWWROOT}/$$i"; \
+		${INSTALL} ${INSTALL_COPY} -g ${BINGRP} -m 444 \
+		    ${.OBJDIR}/$$i ${DESTDIR}${WWWROOT}/$$j/; \
+	done
+
+.include <bsd.obj.mk>
+.include <bsd.subdir.mk>
+
diff --git a/usr.sbin/httpd/Makefile.tmpl b/usr.sbin/httpd/Makefile.tmpl
index 6bc3caf6a17..424779777ee 100644
--- a/usr.sbin/httpd/Makefile.tmpl
+++ b/usr.sbin/httpd/Makefile.tmpl
@@ -67,7 +67,7 @@
 ## ==================================================================
 
 #   safe environment
-SHELL           = /bin/sh
+SHELL           = @SHELL@
 
 #   paths to the source tree parts
 TOP             = .
@@ -79,14 +79,21 @@ AUX             = @AUX@
 CP              = cp
 LN              = ln
 RM              = rm -f
-TAR             = tar
 MKDIR           = $(TOP)/$(AUX)/mkdir.sh
 INSTALL         = $(TOP)/$(AUX)/install.sh -c
-INSTALL_PROGRAM = $(INSTALL) -s -m 755
-INSTALL_DSO     = $(INSTALL) -m 755
-INSTALL_SCRIPT  = $(INSTALL) -m 755
-INSTALL_DATA    = $(INSTALL) -m 644
+IFLAGS_PROGRAM  = @IFLAGS_PROGRAM@
+IFLAGS_CORE     = @IFLAGS_CORE@
+IFLAGS_DSO      = @IFLAGS_DSO@
+IFLAGS_SCRIPT   = @IFLAGS_SCRIPT@
+IFLAGS_DATA     = @IFLAGS_DATA@
+INSTALL_PROGRAM = $(INSTALL) $(IFLAGS_PROGRAM)
+INSTALL_CORE    = $(INSTALL) $(IFLAGS_CORE)
+INSTALL_DSO     = $(INSTALL) $(IFLAGS_DSO)
+INSTALL_SCRIPT  = $(INSTALL) $(IFLAGS_SCRIPT)
+INSTALL_DATA    = $(INSTALL) $(IFLAGS_DATA)
 PERL            = @PERL@
+TAR		= @TAR@
+TAROPT		= @TAROPT@
 
 #   installation name of Apache webserver
 TARGET          = @TARGET@
@@ -105,6 +112,9 @@ libexecdir      = @libexecdir@
 mandir          = @mandir@
 sysconfdir      = @sysconfdir@
 datadir         = @datadir@
+iconsdir        = @iconsdir@
+htdocsdir       = @htdocsdir@
+cgidir          = @cgidir@
 includedir      = @includedir@
 localstatedir   = @localstatedir@
 runtimedir      = @runtimedir@
@@ -127,6 +137,7 @@ suexec_safepath = @suexec_safepath@
 ssl = @ssl@
 
 #   some substituted configuration parameters
+conf_user        = @conf_user@
 conf_group       = @conf_group@
 conf_port        = @conf_port@
 conf_port_ssl    = @conf_port_ssl@
@@ -140,9 +151,11 @@ clean-support     = @clean_support@
 distclean-support = @distclean_support@
 
 #   `make certificate' parameters
-TYPE = test
+TYPE =
+ALGO =
 CRT  =
 KEY  =
+VIEW =
 
 #   forwarding arguments
 MFWD = root=$(root)
@@ -162,7 +175,9 @@ all: build
 build:
 	@echo "===> $(SRC)"
 	@$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) build-std
-	@$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) $(build-support)
+	@if [ "x$(build-support)" != "x" ]; then \
+	    $(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) $(build-support); \
+        fi
 	@$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) build-certificate
 	@touch $(TOP)/$(SRC)/.apaci.build.ok
 	@echo "<=== $(SRC)"
@@ -188,8 +203,7 @@ build-support:
 			-DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \
 			-DLOG_EXEC=\"$(suexec_logexec)\" \
 			-DDOC_ROOT=\"$(suexec_docroot)\" \
-			-DSAFE_PATH=\"$(suexec_safepath)\" \
-		' \
+			-DSAFE_PATH=\"$(suexec_safepath)\" ' \
 		suexec; \
 	fi; \
 	echo "<=== $(SRC)/support"
@@ -216,6 +230,11 @@ build-certificate:
 				echo "| and TYPE=existing when you're an admin who upgrades a server.       |"; \
 				echo "| (The default is TYPE=test)                                          |"; \
 				echo "|                                                                     |"; \
+				echo "| Additionally add ALGO=RSA (default) or ALGO=DSA to select           |"; \
+				echo "| the signature algorithm used for the generated certificate.         |"; \
+				echo "|                                                                     |"; \
+				echo "| Use 'make certificate VIEW=1' to display the generated data.        |"; \
+				echo "|                                                                     |"; \
 				echo "| Thanks for using Apache & mod_ssl.       Ralf S. Engelschall        |"; \
 				echo "|                                          rse@engelschall.com        |"; \
 				echo "|                                          www.engelschall.com        |"; \
@@ -225,16 +244,20 @@ build-certificate:
 	fi
 
 certificate:
-	@cd $(TOP)/$(SRC); $(MAKE) $(MFLAGS) certificate TYPE=$(TYPE) CRT=$(CRT) KEY=$(KEY)
+	@cd $(TOP)/$(SRC); $(MAKE) $(MFLAGS) certificate TYPE="$(TYPE)" ALGO="$(ALGO)" CRT="$(CRT)" KEY="$(KEY)" VIEW="$(VIEW)"
 
 ## ------------------------------------------------------------------
 ##                       Installation Targets
 ## ------------------------------------------------------------------
 
+#   indirection step to avoid conflict with INSTALL document 
+#   on case-insenstive filesystems, for instance on OS/2
+install: install-all
+
 #   the install target for installing the complete Apache
 #   package. This is implemented by running subtargets for the
 #   separate parts of the installation process.
-install:
+install-all:
 	@if [ ! -f $(TOP)/$(SRC)/.apaci.build.ok ]; then \
 		$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) build; \
 	else \
@@ -275,7 +298,7 @@ install:
 
 #   the non-verbose variant for package maintainers
 install-quiet:
-	@$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) QUIET=1 install
+	@$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) QUIET=1 install-all
 
 #   create the installation tree
 install-mktree:
@@ -287,27 +310,47 @@ install-mktree:
 	$(MKDIR) $(root)$(mandir)/man8
 	$(MKDIR) $(root)$(sysconfdir)
 	$(MKDIR) $(root)$(sysconfdir)/ssl.crt
+	$(MKDIR) $(root)$(sysconfdir)/ssl.crl
 	$(MKDIR) $(root)$(sysconfdir)/ssl.csr
 	$(MKDIR) $(root)$(sysconfdir)/ssl.key
-	$(MKDIR) $(root)$(datadir)/htdocs
-	$(MKDIR) $(root)$(datadir)/icons
-	$(MKDIR) $(root)$(datadir)/cgi-bin
+	$(MKDIR) $(root)$(sysconfdir)/ssl.prm
+	$(MKDIR) $(root)$(htdocsdir)
+	$(MKDIR) $(root)$(iconsdir)
+	$(MKDIR) $(root)$(cgidir)
 	$(MKDIR) $(root)$(includedir)
+	$(MKDIR) $(root)$(includedir)/xml
 	$(MKDIR) $(root)$(runtimedir)
 	$(MKDIR) $(root)$(logfiledir)
 	$(MKDIR) $(root)$(proxycachedir)
+	-@if [ "x`$(AUX)/getuid.sh`" = "x0" ]; then \
+		echo "chown $(conf_user) $(root)$(proxycachedir)"; \
+		chown $(conf_user) $(root)$(proxycachedir); \
+		echo "chgrp $(conf_group) $(root)$(proxycachedir)"; \
+		chgrp $(conf_group) $(root)$(proxycachedir); \
+	fi
 	@echo "<=== [mktree]"
 
 #   install the server program and optionally corresponding
 #   shared object files.
 install-programs:
 	@echo "===> [programs: Installing Apache $(TARGET) program and shared objects]"
-	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/$(TARGET) $(root)$(sbindir)/$(TARGET)
+	-@if [ ".`grep '^[ 	]*AddModule.*mod_so\.o' $(TOP)/$(SRC)/Configuration.apaci`" != . ]; then \
+		echo "$(INSTALL_CORE) $(TOP)/$(SRC)/$(TARGET) $(root)$(sbindir)/$(TARGET)"; \
+		$(INSTALL_CORE) $(TOP)/$(SRC)/$(TARGET) $(root)$(sbindir)/$(TARGET); \
+		SHLIB_EXPORT_FILES="`grep '^SHLIB_EXPORT_FILES=' $(TOP)/$(SRC)/Makefile | sed -e 's:^.*=::'`"; \
+		if [ ".$${SHLIB_EXPORT_FILES}" != . ]; then \
+			$(CP) $(TOP)/$(SRC)/support/httpd.exp $(root)$(libexecdir)/; \
+			chmod 644 $(root)$(libexecdir)/httpd.exp; \
+		fi; \
+	else \
+		echo "$(INSTALL_PROGRAM) $(TOP)/$(SRC)/$(TARGET) $(root)$(sbindir)/$(TARGET)"; \
+		$(INSTALL_PROGRAM) $(TOP)/$(SRC)/$(TARGET) $(root)$(sbindir)/$(TARGET); \
+	fi
 	-@if [ ".`grep 'SUBTARGET=target_shared' $(TOP)/$(SRC)/Makefile`" != . ]; then \
 		SHLIB_SUFFIX_NAME="`grep '^SHLIB_SUFFIX_NAME=' $(TOP)/$(SRC)/Makefile | sed -e 's:^.*=::'`"; \
 		SHLIB_SUFFIX_LIST="`grep '^SHLIB_SUFFIX_LIST=' $(TOP)/$(SRC)/Makefile | sed -e 's:^.*=::'`"; \
-		echo "$(INSTALL_DSO) $(TOP)/$(SRC)/lib$(TARGET).ep $(root)$(libexecdir)/lib$(TARGET).ep"; \
-		$(INSTALL_DSO) $(TOP)/$(SRC)/lib$(TARGET).ep $(root)$(libexecdir)/lib$(TARGET).ep; \
+		echo "$(INSTALL_CORE) $(TOP)/$(SRC)/lib$(TARGET).ep $(root)$(libexecdir)/lib$(TARGET).ep"; \
+		$(INSTALL_CORE) $(TOP)/$(SRC)/lib$(TARGET).ep $(root)$(libexecdir)/lib$(TARGET).ep; \
 		echo "$(INSTALL_DSO) $(TOP)/$(SRC)/lib$(TARGET).$${SHLIB_SUFFIX_NAME} $(root)$(libexecdir)/lib$(TARGET).$${SHLIB_SUFFIX_NAME}"; \
 		$(INSTALL_DSO) $(TOP)/$(SRC)/lib$(TARGET).$${SHLIB_SUFFIX_NAME} $(root)$(libexecdir)/lib$(TARGET).$${SHLIB_SUFFIX_NAME}; \
 		if [ ".$${SHLIB_SUFFIX_LIST}" != . ]; then \
@@ -364,7 +407,7 @@ install-programs:
 install-support:
 	@echo "===> [support: Installing Apache support programs and scripts]"
 	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/ab $(root)$(sbindir)/ab
-	$(INSTALL_DATA) $(TOP)/$(SRC)/support/ab.1 $(root)$(mandir)/man1/ab.1
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/ab.8 $(root)$(mandir)/man8/ab.8
 	@if [ ".$(TARGET)" = .httpd ]; then \
 		apachectl='apachectl'; \
 	else \
@@ -375,8 +418,8 @@ install-support:
 		-e 's;HTTPD=.*;HTTPD=$(sbindir)/$(TARGET);' \
 		< $(TOP)/$(SRC)/support/apachectl > $(TOP)/$(SRC)/.apaci.install.tmp && \
 		$(INSTALL_SCRIPT) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(sbindir)/$${apachectl}; \
-	echo "$(INSTALL_DATA) $(TOP)/$(SRC)/support/apachectl.1 $(root)$(mandir)/man1/$${apachectl}.1"; \
-	$(INSTALL_DATA) $(TOP)/$(SRC)/support/apachectl.1 $(root)$(mandir)/man1/$${apachectl}.1
+	echo "$(INSTALL_DATA) $(TOP)/$(SRC)/support/apachectl.8 $(root)$(mandir)/man8/$${apachectl}.8"; \
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/apachectl.8 $(root)$(mandir)/man8/$${apachectl}.8
 	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/htpasswd $(root)$(bindir)/htpasswd
 	$(INSTALL_DATA) $(TOP)/$(SRC)/support/htpasswd.1 $(root)$(mandir)/man1/htpasswd.1
 	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/htdigest $(root)$(bindir)/htdigest
@@ -412,47 +455,91 @@ install-support:
 	fi
 	@echo "<=== [support]"
 
+#   install the support programs and scripts for binary distribution
+install-binsupport:
+	@echo "===> [support: Installing Apache support programs and scripts for binary distribution]"
+	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/ab $(root)$(sbindir)/ab
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/ab.8 $(root)$(mandir)/man8/ab.8
+	@if [ ".$(TARGET)" = .httpd ]; then \
+		apachectl='apachectl'; \
+	else \
+		apachectl="$(TARGET)ctl"; \
+	fi; \
+	echo "$(INSTALL_SCRIPT) $(TOP)/$(SRC)/support/apachectl[*] $(root)$(sbindir)/$${apachectl}"; \
+	sed -e 's;PIDFILE=.*;PIDFILE=$(runtimedir)/$(TARGET).pid;' \
+		-e 's;HTTPD=.*;HTTPD=$(sbindir)/$(TARGET);' \
+		< $(TOP)/$(SRC)/support/apachectl > $(TOP)/$(SRC)/.apaci.install.tmp && \
+		$(INSTALL_SCRIPT) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(sbindir)/$${apachectl}; \
+	echo "$(INSTALL_DATA) $(TOP)/$(SRC)/support/apachectl.8 $(root)$(mandir)/man8/$${apachectl}.8"; \
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/apachectl.8 $(root)$(mandir)/man8/$${apachectl}.8
+	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/htpasswd $(root)$(bindir)/htpasswd
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/htpasswd.1 $(root)$(mandir)/man1/htpasswd.1
+	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/htdigest $(root)$(bindir)/htdigest
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/htdigest.1 $(root)$(mandir)/man1/htdigest.1
+	@echo "$(INSTALL_SCRIPT) $(TOP)/$(SRC)/support/dbmmanage[*] $(root)$(bindir)/dbmmanage"; \
+	$(INSTALL_SCRIPT) $(TOP)/$(SRC)/support/dbmmanage $(root)$(bindir)/dbmmanage
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/dbmmanage.1 $(root)$(mandir)/man1/dbmmanage.1
+	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/logresolve $(root)$(sbindir)/logresolve
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/logresolve.8 $(root)$(mandir)/man8/logresolve.8
+	$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/rotatelogs $(root)$(sbindir)/rotatelogs
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/rotatelogs.8 $(root)$(mandir)/man8/rotatelogs.8
+	@echo "$(INSTALL_SCRIPT) $(TOP)/$(SRC)/support/apxs[*] $(root)$(sbindir)/apxs"; \
+	$(INSTALL_SCRIPT) $(TOP)/$(SRC)/support/apxs $(root)$(sbindir)/apxs
+	$(INSTALL_DATA) $(TOP)/$(SRC)/support/apxs.8 $(root)$(mandir)/man8/apxs.8
+	-@if [ ".$(suexec)" = .1 ]; then \
+	    echo "$(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/suexec $(root)$(sbindir)/suexec"; \
+	    $(INSTALL_PROGRAM) $(TOP)/$(SRC)/support/suexec $(root)$(sbindir)/suexec; \
+	    echo "chown root $(root)$(sbindir)/suexec"; \
+	    chown root $(root)$(sbindir)/suexec; \
+	    echo "chmod 4711 $(root)$(sbindir)/suexec"; \
+	    chmod 4711 $(root)$(sbindir)/suexec; \
+	    echo "$(INSTALL_DATA) $(TOP)/$(SRC)/support/suexec.8 $(root)$(mandir)/man8/suexec.8"; \
+	    $(INSTALL_DATA) $(TOP)/$(SRC)/support/suexec.8 $(root)$(mandir)/man8/suexec.8; \
+	fi
+	@echo "<=== [support]"
+
 #   install the Apache C header files
 install-include:
 	@echo "===> [include: Installing Apache C header files]"
 	$(CP) $(TOP)/$(SRC)/include/*.h $(root)$(includedir)/
-	@osdir=`grep '^OSDIR=' $(TOP)/$(SRC)/Makefile.config | sed -e 's:^OSDIR=.*/os:os:'`; \
+	$(CP) $(TOP)/$(SRC)/lib/expat-lite/*.h $(root)$(includedir)/xml/
+	@osdir=`grep '^OSDIR=' $(TOP)/$(SRC)/Makefile.config | sed -e 's:^OSDIR=.*/os/:os/:'`; \
 		echo "$(CP) $(TOP)/$(SRC)/$${osdir}/os.h $(root)$(includedir)/"; \
 		$(CP) $(TOP)/$(SRC)/$${osdir}/os.h $(root)$(includedir)/; \
 		echo "$(CP) $(TOP)/$(SRC)/$${osdir}/os-inline.c $(root)$(includedir)/"; \
 		$(CP) $(TOP)/$(SRC)/$${osdir}/os-inline.c $(root)$(includedir)/
-	chmod 644 $(root)$(includedir)/*.h
+	chmod 644 $(root)$(includedir)/*.h $(root)$(includedir)/xml/*.h
 	@echo "<=== [include]"
 
 #   create an initial document root containing the Apache manual,
 #   icons and distributed CGI scripts.
 install-data:
 	@echo "===> [data: Installing initial data files]"
-	-@if [ -f $(root)$(datadir)/htdocs/index.html ]; then \
-		echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/htdocs/]"; \
+	-@if [ -f $(root)$(htdocsdir)/index.html ]; then \
+		echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(htdocsdir)/]"; \
 	else \
-		echo "Copying tree $(TOP)/htdocs/ -> $(root)$(datadir)/htdocs/"; \
-		(cd $(TOP)/htdocs/ && $(TAR) -hcf - *) |\
-		(cd $(root)$(datadir)/htdocs/ && $(TAR) -xf -); \
-		find $(root)$(datadir)/htdocs/ -type d -exec chmod a+rx {} \; ; \
-		find $(root)$(datadir)/htdocs/ -type f -exec chmod a+r {} \; ; \
+		echo "Copying tree $(TOP)/htdocs/ -> $(root)$(htdocsdir)/"; \
+		(cd $(TOP)/htdocs/ && $(TAR) $(TAROPT) - *) |\
+		(cd $(root)$(htdocsdir)/ && $(TAR) -xf -); \
+		find $(root)$(htdocsdir)/ -type d -exec chmod a+rx {} \; ; \
+		find $(root)$(htdocsdir)/ -type f -exec chmod a+r {} \; ; \
 	fi
-	-@if [ -f $(root)$(datadir)/cgi-bin/printenv ]; then \
-		echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/cgi-bin/]"; \
+	-@if [ -f $(root)$(cgidir)/printenv ]; then \
+		echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(cgidir)/]"; \
 	else \
 		for script in printenv test-cgi; do \
 			cat $(TOP)/cgi-bin/$${script} |\
 			sed -e 's;^#!/.*perl;#!$(PERL);' \
 			> $(TOP)/$(SRC)/.apaci.install.tmp; \
-			echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(datadir)/cgi-bin/$${script}"; \
-			$(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(datadir)/cgi-bin/$${script}; \
+			echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(cgidir)/$${script}"; \
+			$(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(cgidir)/$${script}; \
 		done; \
 	fi
-	@echo "Copying tree $(TOP)/icons/ -> $(root)$(datadir)/icons/"; \
-	(cd $(TOP)/icons/ && $(TAR) -hcf - *) |\
-	(cd $(root)$(datadir)/icons/ && $(TAR) -xf -); \
-	find $(root)$(datadir)/icons/ -type d -exec chmod a+rx {} \; ;\
-	find $(root)$(datadir)/icons/ -type f -exec chmod a+r {} \;
+	@echo "Copying tree $(TOP)/icons/ -> $(root)$(iconsdir)/"; \
+	(cd $(TOP)/icons/ && $(TAR) $(TAROPT) - *) |\
+	(cd $(root)$(iconsdir)/ && $(TAR) -xf -); \
+	find $(root)$(iconsdir)/ -type d -exec chmod a+rx {} \; ;\
+	find $(root)$(iconsdir)/ -type f -exec chmod a+r {} \;
 	@echo "<=== [data]"
 
 #   create the initial configuration by providing default files
@@ -481,21 +568,26 @@ install-config:
 			-e "s;logs/ssl_engine_log;$(logfiledir)/$${target_prefix}ssl_engine_log;" \
 			-e "s;logs/ssl_request_log;$(logfiledir)/$${target_prefix}ssl_request_log;" \
 			-e 's;@@ServerRoot@@/conf/ssl.crt;$(sysconfdir)/ssl.crt;' \
+			-e 's;@@ServerRoot@@/conf/ssl.crl;$(sysconfdir)/ssl.crl;' \
+			-e 's;@@ServerRoot@@/conf/ssl.csr;$(sysconfdir)/ssl.csr;' \
 			-e 's;@@ServerRoot@@/conf/ssl.key;$(sysconfdir)/ssl.key;' \
-			-e 's;@@ServerRoot@@/htdocs;$(datadir)/htdocs;' \
-			-e 's;@@ServerRoot@@/icons;$(datadir)/icons;' \
-			-e 's;@@ServerRoot@@/cgi-bin;$(datadir)/cgi-bin;' \
+			-e 's;@@ServerRoot@@/conf/ssl.prm;$(sysconfdir)/ssl.prm;' \
+			-e 's;@@ServerRoot@@/htdocs;$(htdocsdir);' \
+			-e 's;@@ServerRoot@@/icons;$(iconsdir);' \
+			-e 's;@@ServerRoot@@/cgi-bin;$(cgidir);' \
 			-e 's;@@ServerRoot@@/proxy;$(proxycachedir);' \
 			-e 's;@@ServerRoot@@;$(prefix);g' \
-			-e 's;logs/accept.lock;$(runtimedir)/$(TARGET).lock;' \
+			-e 's;httpd\.conf;$(TARGET).conf;' \
+			-e 's;logs/accept\.lock;$(runtimedir)/$(TARGET).lock;' \
 			-e 's;logs/apache_runtime_status;$(runtimedir)/$(TARGET).scoreboard;' \
-			-e 's;logs/httpd.pid;$(runtimedir)/$(TARGET).pid;' \
+			-e 's;logs/httpd\.pid;$(runtimedir)/$(TARGET).pid;' \
 			-e "s;logs/access_log;$(logfiledir)/$${target_prefix}access_log;" \
 			-e "s;logs/error_log;$(logfiledir)/$${target_prefix}error_log;" \
 			-e "s;logs/referer_log;$(logfiledir)/$${target_prefix}referer_log;" \
 			-e "s;logs/agent_log;$(logfiledir)/$${target_prefix}agent_log;" \
 			-e 's;conf/magic;$(sysconfdir)/magic;' \
-			-e 's;conf/mime.types;$(sysconfdir)/mime.types;' \
+			-e 's;conf/mime\.types;$(sysconfdir)/mime.types;' \
+			-e 's;User nobody;User $(conf_user);' \
 			-e 's;Group #-1;Group $(conf_group);' \
 			-e 's;Port 80;Port $(conf_port);' \
 			-e 's;Listen 80;Listen $(conf_port);' \
@@ -526,10 +618,14 @@ install-config:
 	-@if [ ".$(ssl)" = .1 ]; then \
 		echo "chmod 755 $(root)$(sysconfdir)/ssl.crt"; \
 		chmod 755 $(root)$(sysconfdir)/ssl.crt; \
+		echo "chmod 755 $(root)$(sysconfdir)/ssl.crl"; \
+		chmod 755 $(root)$(sysconfdir)/ssl.crl; \
 		echo "chmod 755 $(root)$(sysconfdir)/ssl.csr"; \
 		chmod 755 $(root)$(sysconfdir)/ssl.csr; \
 		echo "chmod 700 $(root)$(sysconfdir)/ssl.key"; \
 		chmod 700 $(root)$(sysconfdir)/ssl.key; \
+		echo "chmod 755 $(root)$(sysconfdir)/ssl.prm"; \
+		chmod 755 $(root)$(sysconfdir)/ssl.prm; \
 		if [ ! -f "$(root)$(sysconfdir)/ssl.crt/README.CRT" ]; then \
 			echo "$(INSTALL_DATA) $(TOP)/conf/ssl.crt/README.CRT $(root)$(sysconfdir)/ssl.crt/README.CRT"; \
 			$(INSTALL) $(TOP)/conf/ssl.crt/README.CRT $(root)$(sysconfdir)/ssl.crt/README.CRT; \
@@ -537,8 +633,14 @@ install-config:
 			$(INSTALL) $(TOP)/conf/ssl.crt/Makefile $(root)$(sysconfdir)/ssl.crt/Makefile; \
 			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/ca-bundle.crt $(root)$(sysconfdir)/ssl.crt/ca-bundle.crt"; \
 			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/ca-bundle.crt $(root)$(sysconfdir)/ssl.crt/ca-bundle.crt; \
-			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/snakeoil-ca.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-ca.crt"; \
-			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/snakeoil-ca.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-ca.crt; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/snakeoil-ca-rsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-ca-rsa.crt"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/snakeoil-ca-rsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-ca-rsa.crt; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/snakeoil-ca-dsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-ca-dsa.crt"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/snakeoil-ca-dsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-ca-dsa.crt; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/snakeoil-rsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-rsa.crt"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/snakeoil-rsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-rsa.crt; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/snakeoil-dsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-dsa.crt"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/snakeoil-dsa.crt $(root)$(sysconfdir)/ssl.crt/snakeoil-dsa.crt; \
 			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.crt/server.crt $(root)$(sysconfdir)/ssl.crt/server.crt"; \
 			$(INSTALL) -m 400 $(TOP)/conf/ssl.crt/server.crt $(root)$(sysconfdir)/ssl.crt/server.crt; \
 			if [ -f "$(TOP)/conf/ssl.crt/ca.crt" ]; then \
@@ -550,7 +652,7 @@ install-config:
 		fi; \
 		echo "Updating hash symlinks in $(root)$(sysconfdir)/ssl.crt/:"; \
 		SSL_PROGRAM="`grep '^SSL_PROGRAM=' $(TOP)/$(SRC)/Makefile.config | sed -e 's:^.*=::'`"; \
-		(cd $(root)$(sysconfdir)/ssl.crt/ && $(MAKE) $(MFLAGS) SSLEAY=$$SSL_PROGRAM); \
+		(cd $(root)$(sysconfdir)/ssl.crt/ && $(MAKE) $(MFLAGS) SSL_PROGRAM=$$SSL_PROGRAM); \
 		if [ ! -f "$(root)$(sysconfdir)/ssl.csr/README.CSR" ]; then \
 			echo "$(INSTALL_DATA) $(TOP)/conf/ssl.csr/README.CSR $(root)$(sysconfdir)/ssl.csr/README.CSR"; \
 			$(INSTALL) $(TOP)/conf/ssl.csr/README.CSR $(root)$(sysconfdir)/ssl.csr/README.CSR; \
@@ -559,11 +661,25 @@ install-config:
 		else \
 			echo "[PRESERVING EXISTING CSR FILES: $(root)$(sysconfdir)/ssl.csr/*]"; \
 		fi; \
+		if [ ! -f "$(root)$(sysconfdir)/ssl.crl/README.CRL" ]; then \
+			echo "$(INSTALL_DATA) $(TOP)/conf/ssl.crl/README.CRL $(root)$(sysconfdir)/ssl.crl/README.CRL"; \
+			$(INSTALL) $(TOP)/conf/ssl.crl/README.CRL $(root)$(sysconfdir)/ssl.crl/README.CRL; \
+			echo "$(INSTALL_DATA) $(TOP)/conf/ssl.crl/Makefile $(root)$(sysconfdir)/ssl.crl/Makefile"; \
+			$(INSTALL) $(TOP)/conf/ssl.crl/Makefile $(root)$(sysconfdir)/ssl.crl/Makefile; \
+		else \
+			echo "[PRESERVING EXISTING CRL FILES: $(root)$(sysconfdir)/ssl.crl/*]"; \
+		fi; \
 		if [ ! -f "$(root)$(sysconfdir)/ssl.key/README.KEY" ]; then \
 			echo "$(INSTALL_DATA) $(TOP)/conf/ssl.key/README.KEY $(root)$(sysconfdir)/ssl.key/README.KEY"; \
 			$(INSTALL) $(TOP)/conf/ssl.key/README.KEY $(root)$(sysconfdir)/ssl.key/README.KEY; \
-			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.key/snakeoil-ca.key $(root)$(sysconfdir)/ssl.key/snakeoil-ca.key"; \
-			$(INSTALL) -m 400 $(TOP)/conf/ssl.key/snakeoil-ca.key $(root)$(sysconfdir)/ssl.key/snakeoil-ca.key; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.key/snakeoil-ca-rsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-ca-rsa.key"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.key/snakeoil-ca-rsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-ca-rsa.key; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.key/snakeoil-ca-dsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-ca-dsa.key"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.key/snakeoil-ca-dsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-ca-dsa.key; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.key/snakeoil-rsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-rsa.key"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.key/snakeoil-rsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-rsa.key; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.key/snakeoil-dsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-dsa.key"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.key/snakeoil-dsa.key $(root)$(sysconfdir)/ssl.key/snakeoil-dsa.key; \
 			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.key/server.key $(root)$(sysconfdir)/ssl.key/server.key"; \
 			$(INSTALL) -m 400 $(TOP)/conf/ssl.key/server.key $(root)$(sysconfdir)/ssl.key/server.key; \
 			if [ -f "$(TOP)/conf/ssl.key/ca.key" ]; then \
@@ -573,6 +689,16 @@ install-config:
 		else \
 			echo "[PRESERVING EXISTING KEY FILES: $(root)$(sysconfdir)/ssl.key/*]"; \
 		fi; \
+		if [ ! -f "$(root)$(sysconfdir)/ssl.prm/README.PRM" ]; then \
+			echo "$(INSTALL_DATA) $(TOP)/conf/ssl.prm/README.PRM $(root)$(sysconfdir)/ssl.prm/README.PRM"; \
+			$(INSTALL) $(TOP)/conf/ssl.prm/README.PRM $(root)$(sysconfdir)/ssl.prm/README.PRM; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.prm/snakeoil-ca-dsa.prm $(root)$(sysconfdir)/ssl.prm/snakeoil-ca-dsa.prm"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.prm/snakeoil-ca-dsa.prm $(root)$(sysconfdir)/ssl.prm/snakeoil-ca-dsa.prm; \
+			echo "$(INSTALL_DATA) -m 400 $(TOP)/conf/ssl.prm/snakeoil-dsa.prm $(root)$(sysconfdir)/ssl.prm/snakeoil-dsa.prm"; \
+			$(INSTALL) -m 400 $(TOP)/conf/ssl.prm/snakeoil-dsa.prm $(root)$(sysconfdir)/ssl.prm/snakeoil-dsa.prm; \
+		else \
+			echo "[PRESERVING EXISTING PRM FILES: $(root)$(sysconfdir)/ssl.prm/*]"; \
+		fi; \
 	fi
 	@echo "<=== [config]"
 
diff --git a/usr.sbin/httpd/README.NT b/usr.sbin/httpd/README.NT
index db2a23e6733..b398a8deef2 100644
--- a/usr.sbin/httpd/README.NT
+++ b/usr.sbin/httpd/README.NT
@@ -1,95 +1,91 @@
-                            Apache for Windows
-                           Version 1.3 (and up)
 
-What is it?
------------
+                                 Apache
+                             Version 1.3 (and up)
 
-Apache is an HTTP server, originally designed for Unix systems. This
-is the first major release of Apache for Windows systems, including
-Microsoft Windows NT, 98, and 95.  Like the Unix version, it includes
-many frequently requested new features, and has an API that allows it
-to be extended to meet users' needs more easily. It also allows ISAPI
-extensions.
+  What is it?
+  -----------
 
-Documentation
--------------
+  Apache is an HTTP server, originally designed for Unix systems. This
+  is the version of Apache for Microsoft Windows NT, 98, and 95
+  systems.  Like the Unix version, it includes many frequently
+  requested new features, and has an API that allows it to be extended
+  to meet users' needs more easily. It also allows ISAPI extensions.
 
-The documentation available as of the date of this release is also
-included, in HTML format, in the <./htdocs/manual/> directory.
-For the most up-to-date documentation, visit us on the WWW at
-<http://www.apache.org/>. For Windows specific information, see
-<http://www.apache.org/docs/windows.html>.
 
-WARNING
--------
+  The Latest Version
+  ------------------
 
-Apache on Win32 has not yet been optimized for performance.  Apache still
-performs best, and is most reliable on Unix platforms.  Over time we
-will improve performance for Windows NT. Folks doing comparative reviews
-of webserver performance are asked to compare against Apache on a Unix
-platform such as Solaris, FreeBSD, or Linux.
+  Details of the latest version can be found on the Apache HTTP
+  server project page under http://www.apache.org/.
 
-Apache on Win32 should still be considered beta quality code.  It does not
-meet the normal standards of stability and security that Unix releases do.
+  Documentation
+  -------------
 
-Installation or Compilation Instructions
-----------------------------------------
+  The documentation available as of the date of this release is
+  also included, in HTML format, in the htdocs/manual/ directory.
+  For the most up-to-date documentation can be found on
+  http://www.apache.org/docs/. For Windows specific information, see
+  http://www.apache.org/docs/windows.html.
 
-See the website <http://www.apache.org/docs/windows.html> for details of
-how to install Apache from a binary release or how to compile Apache
-from scratch. This file is also included in the distribution as
-<./htdocs/manual/windows.html>.
+  WARNING
+  -------
 
-Known Problems
---------------
+  Apache on Win32 has not yet been optimized for performance.  Apache
+  still performs best, and is most reliable on Unix platforms.  Over
+  time we will improve performance for Windows NT. Folks doing
+  comparative reviews of webserver performance are asked to compare
+  against Apache on a Unix platform such as Solaris, FreeBSD, or
+  Linux.
 
-To get information about the current set of known problems, see our
-online bug reporting database at <http://www.apache.org/bug_report.html>.
-In particular, search for problem reports under the category "os-windows".
+  Apache on Win32 should still be considered beta quality code.  It
+  does not meet the normal standards of stability and security that
+  Unix releases do.
 
-This is a rough list of what we know has not been implemented on Win32.
+  Installation
+  ------------
 
-- The User directive is not supported. If you run apache as a service,
-  you can change the user it runs as by going to 
-  Control Panel->Services->Startup
+  If you have installed Apache as a pre-compiled binary, you can
+  now run the server by selecting "Start Apache as console app"
+  from the Start menu. You can configure Apache for your system
+  by editing the file conf/httpd.conf in the directory where you
+  installed Apache.
 
-- suexec doesn't work
+  See the http://www.apache.org/docs/windows.html for details of how
+  to run and configure Apache, or select the "Apache Documentation"
+  icon read the local copy installed with Apache.
 
-- RFC 1413 (IdentityCheck) is not yet ported
+  Known Problems
+  --------------
 
-- If you have a very busy server, when a server child process exits,
-  any connections made to that child process that have not yet been
-  accepted by it are aborted.
+  To get information about the current set of known problems, see the
+  online bug reporting database at
+  http://www.apache.org/bug_report.html.  Bugs which affect Apache on
+  Windows and not Apache on Unix can be found under the category
+  "os-windows".
 
-- The regex library build does not generate *.ih headers.
+  Licensing
+  ---------
 
-- Multithreading is not properly abstracted
+  Please see the file called LICENSE.
 
-- htpasswd passwords are stored in plain text because Windows lacks a
-  crypt() function
+  Acknowledgments
+  ----------------
 
-Licensing
----------
+  We wish to acknowledge the following copyrighted works that
+  make up portions of the Apache software:
 
-Please see the file called LICENSE.
+  Portions of this software were developed at the National Center
+  for Supercomputing Applications (NCSA) at the University of
+  Illinois at Urbana-Champaign.
 
-Acknowledgments
-----------------
+  This software contains code derived from the RSA Data Security
+  Inc. MD5 Message-Digest Algorithm, including various
+  modifications by Spyglass Inc., Carnegie Mellon University, and
+  Bell Communications Research, Inc (Bellcore).
 
-We wish to acknowledge the following copyrighted works that make up
-portions of the Apache software:
+  This package contains software written and copyrighted by Henry
+  Spencer.  Please see the file called src/regex/COPYRIGHT. 
 
-Portions of this software were developed at the National Center for
-Supercomputing Applications at the University of Illinois at
-Urbana-Champaign.
+  The NT port was started with code provided to the Apache Group
+  by Ambarish Malpani of ValiCert, Inc. (http://www.valicert.com/).
 
-This software contains code derived from the RSA Data Security Inc. MD5
-Message-Digest Algorithm, including various modifications by Spyglass Inc.,
-Carnegie Mellon University, and Bell Communications Research, Inc.
-(Bellcore).
-
-This package contains software written and copyrighted by Henry Spencer.
-Please see the file called src/regex/COPYRIGHT.
-
-The NT port was started with code provided to the Apache Group
-by Ambarish Malpani of ValiCert, Inc. (www.valicert.com).
diff --git a/usr.sbin/httpd/README.SSL b/usr.sbin/httpd/README.SSL
index 8b0f6d16cf7..e8a09d268b8 100644
--- a/usr.sbin/httpd/README.SSL
+++ b/usr.sbin/httpd/README.SSL
@@ -1,8 +1,8 @@
                        _             _ 
-   _ __ ___   ___   __| |    ___ ___| |  
-  | '_ ` _ \ / _ \ / _` |   / __/ __| |  
-  | | | | | | (_) | (_| |   \__ \__ \ |  mod_ssl - Apache Interface to SSLeay  
-  |_| |_| |_|\___/ \__,_|___|___/___/_|  http://www.engelschall.com/sw/mod_ssl/
+   _ __ ___   ___   __| |    ___ ___| |  mod_ssl
+  | '_ ` _ \ / _ \ / _` |   / __/ __| |  Apache Interface to OpenSSL
+  | | | | | | (_) | (_| |   \__ \__ \ |  www.modssl.org
+  |_| |_| |_|\___/ \__,_|___|___/___/_|  ftp.modssl.org
                        |_____|         
   _____________________________________________________________________________
 
@@ -21,8 +21,8 @@
 
   This Apache module provides strong cryptography for the Apache 1.3 webserver
   via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
-  v1) protocols by the help of the SSL/TLS implementation library SSLeay from
-  Eric A. Young and Tim J. Hudson. 
+  v1) protocols by the help of the Open Source SSL/TLS toolkit OpenSSL which
+  is based on SSLeay from Eric A. Young and Tim J. Hudson. 
  
   The mod_ssl package was created in April 1998 by Ralf S. Engelschall and was
   originally derived from software developed by Ben Laurie for use in the
@@ -43,19 +43,20 @@
    o  Clean Apache module architecture
    o  Integrates seamlessly into Apache through an Extended API (EAPI)
    o  Full Dynamic Shared Object (DSO) support
-   o  Support for the SSLeay+RSAref US-situation
+   o  Support for the OpenSSL+RSAref US-situation
    o  Advanced pass-phrase handling for private keys
    o  X.509 certificate based authentication for both client and server
+   o  X.509 certificate revocation list (CRL) support
    o  Support for per-URL renegotiation of SSL handshake parameters
    o  Support for explicit seeding of the PRNG from external sources
    o  Additional boolean-expression based access control facility
    o  Backward compatibility to other Apache SSL solutions
-   o  Inter-process SSL session cache
+   o  Inter-process SSL session cache (DBM or Shared Memory based)
    o  Powerful dedicated SSL engine logging facility
    o  Simple and robust application to Apache source trees
    o  Fully integrated into the Apache 1.3 configuration mechanism
    o  Additional integration into the Apache Autoconf-style Interface (APACI)
-   o  Assistance in X.509 v3 certificate generation
+   o  Assistance in X.509v3 certificate generation (both RSA and DSA)
 
   Disclaimer
   __________
@@ -123,23 +124,24 @@
   Compatibility
   _____________
 
-  This module was developed and tested with Communicator 4.05, Lynx and cURL
-  under FreeBSD 2.2.6 as the clients only. But it should work with other
-  Navigator/Communicator variants, too. Even Internet Explorer users should be
-  able to use this software.
+  This module was developed and tested with Netscape Communicator 4.0x, Lynx
+  2.7.x and cURL 5.x under FreeBSD 2.2.x and 3.1 as the clients only. But it
+  should work with other Navigator/Communicator variants, too. Even Internet
+  Explorer users should be able to use this software.
 
   Resources
   _________
 
-  For a large list of resources visit the location
-  http://www.engelschall.com/sw/mod_ssl/related/
-  There you can find a lot of hyperlinks to all SSL-related things.
+  For a large list of resources visit the web location
+  http://www.modssl.org/related/ There you can find a lot of hyperlinks to all
+  SSL-related things.
 
   Credits
   _______
 
-  Special thanks to The Apache Group and the NCSA for Apache, to Eric A. Young
-  and Tim J. Hudson for SSLeay and to Ben Laurie for the original Apache-SSL
-  on which mod_ssl is based. Without the effort of these people mod_ssl would
-  not be possible.
+  Special thanks to The Apache Group and the NCSA for Apache, to the OpenSSL
+  project for the SSL/TLS toolkit and especially to Eric A. Young and Tim J.
+  Hudson for SSLeay on which OpenSSL is based.  And thanks also go to Ben
+  Laurie for the original Apache-SSL on which mod_ssl is based. Without the
+  effort of these people mod_ssl would not be possible.
 
diff --git a/usr.sbin/httpd/README.configure b/usr.sbin/httpd/README.configure
index 66390da3b71..4a7e0c50031 100644
--- a/usr.sbin/httpd/README.configure
+++ b/usr.sbin/httpd/README.configure
@@ -1,5 +1,5 @@
                               
-  A P A C H E   C O N F I G U R A T I O N
+  APACHE CONFIGURATION
 
   Apache 1.3 Autoconf-style Interface (APACI)
   ===========================================
@@ -284,3 +284,22 @@
     $ make 
     $ make install
 
+  3. You can also use APXS:
+
+    $ cd apache-1.3.X
+    $ ./configure --prefix=/path/to/apache --enable-shared=max
+    $ make
+    $ make install
+
+    $ cd php-3.0.X
+    $ ./configure --with-apxs=/path/to/apache/bin/apxs \
+                  --with-config-file-path=/path/to/apache
+    $ make
+    $ make install
+
+  At this point don't forget to edit your conf/httpd.conf file and
+  make sure the file contains the line:
+
+    AddType application/x-httpd-php3 .php3
+
+  Then restart your server.
diff --git a/usr.sbin/httpd/config.layout b/usr.sbin/httpd/config.layout
index e387a27cfc0..9e8c0c72337 100644
--- a/usr.sbin/httpd/config.layout
+++ b/usr.sbin/httpd/config.layout
@@ -19,6 +19,9 @@
     mandir:        $prefix/man
     sysconfdir:    $prefix/conf
     datadir:       $prefix
+    iconsdir:      $datadir/icons
+    htdocsdir:     $datadir/htdocs
+    cgidir:        $datadir/cgi-bin
     includedir:    $prefix/include
     localstatedir: $prefix
     runtimedir:    $localstatedir/logs
@@ -37,6 +40,9 @@
     mandir:        $prefix/man
     sysconfdir:    $prefix/etc+
     datadir:       $prefix/share+
+    iconsdir:      $datadir/icons
+    htdocsdir:     $datadir/htdocs
+    cgidir:        $datadir/cgi-bin
     includedir:    $prefix/include+
     localstatedir: $prefix/var+
     runtimedir:    $localstatedir/run
@@ -54,9 +60,112 @@
     mandir:        man
     sysconfdir:    conf
     datadir:
+    iconsdir:      icons
+    htdocsdir:     htdocs
+    cgidir:        cgi-bin
     includedir:    include
     localstatedir:
     runtimedir:    logs
     logfiledir:    logs
     proxycachedir: proxy
 </Layout>
+
+#   Apple's Mac OS X Server Layout
+<Layout Mac OS X Server>
+    prefix:        /Local/Library/WebServer
+    exec_prefix:   /usr/local
+    bindir:        $exec_prefix/bin
+    sbindir:       $exec_prefix/sbin
+    libexecdir:    /Local/Library/Apache/Modules
+    mandir:        $exec_prefix/share/man
+    sysconfdir:    $prefix/Configuration
+    datadir:       $prefix
+    iconsdir:      /Local/Library/Apache/Icons
+    htdocsdir:     $datadir/Documents
+    cgidir:        $datadir/CGI-Executables
+    includedir:    /Local/Library/Frameworks/Apache.framework/Versions/1.3/Headers
+    localstatedir: /var
+    runtimedir:    $prefix/Logs
+    logfiledir:    $prefix/Logs
+    proxycachedir: $prefix/ProxyCache
+</Layout>
+
+#   RedHat 5.x layout
+<Layout RedHat>
+    prefix:        /usr
+    exec_prefix:   $prefix
+    bindir:        $prefix/bin
+    sbindir:       $prefix/sbin
+    libexecdir:    $prefix/lib/apache
+    mandir:        $prefix/man
+    sysconfdir:    /etc/httpd/conf
+    datadir:       /home/httpd
+    iconsdir:      $datadir/icons
+    htdocsdir:     $datadir/html
+    cgidir:        $datadir/cgi-bin
+    includedir:    $prefix/include/apache
+    localstatedir: /var
+    runtimedir:    $localstatedir/run
+    logfiledir:    $localstatedir/log/httpd
+    proxycachedir: $localstatedir/cache/httpd
+</Layout>     
+
+#   According to the /opt filesystem conventions
+<Layout opt>
+    prefix:        /opt/apache
+    exec_prefix:   $prefix
+    bindir:        $exec_prefix/bin
+    sbindir:       $exec_prefix/sbin
+    libexecdir:    $exec_prefix/libexec
+    mandir:        $prefix/man
+    sysconfdir:    /etc$prefix
+    datadir:       $prefix/share
+    iconsdir:      $datadir/icons
+    htdocsdir:     $datadir/htdocs
+    cgidir:        $datadir/cgi-bin
+    includedir:    $prefix/include
+    localstatedir: /var$prefix
+    runtimedir:    $localstatedir/run
+    logfiledir:    $localstatedir/logs
+    proxycachedir: $localstatedir/proxy
+</Layout>
+
+#  BeOS layout...
+<Layout beos>
+    prefix:        /boot/home/apache
+    exec_prefix:   $prefix
+    bindir:        $exec_prefix/bin
+    sbindir:       $exec_prefix/bin
+    libexecdir:    $exec_prefix/libexec
+    mandir:        $prefix/man
+    sysconfdir:    $prefix/conf
+    datadir:       $prefix
+    iconsdir:      $datadir/icons
+    htdocsdir:     $datadir/htdocs
+    cgidir:        $datadir/cgi-bin
+    includedir:    $prefix/include
+    localstatedir: $prefix
+    runtimedir:    $localstatedir/logs
+    logfiledir:    $localstatedir/logs
+    proxycachedir: $localstatedir/proxy
+</Layout>
+
+#   OpenBSD apache path layout.
+<Layout OpenBSD>
+    prefix:        /var/www
+    exec_prefix:   /usr
+    bindir:        /usr/bin
+    sbindir:       /usr/sbin
+    libexecdir:    /usr/lib/apache/modules
+    mandir:        /usr/share/man
+    sysconfdir:    /var/www/conf
+    datadir:       /var/www
+    iconsdir:      /var/www/icons
+    htdocsdir:     /var/www/htdocs
+    cgidir:        /var/www/cgi-bin
+    includedir:    /usr/lib/apache/include
+    localstatedir: /var/www
+    runtimedir:    /var/www/logs
+    logfiledir:    /var/www/logs
+    proxycachedir: /var/www/proxy
+</Layout>
diff --git a/usr.sbin/httpd/configure b/usr.sbin/httpd/configure
index d345c2e927f..6d26e9d4210 100644
--- a/usr.sbin/httpd/configure
+++ b/usr.sbin/httpd/configure
@@ -55,6 +55,10 @@
 ## project, please see <http://www.apache.org/>.
 ##
 
+## Force SSL_BASE=SYSTEM
+SSL_BASE=SYSTEM
+export SSL_BASE
+
 ##
 ##  configure -- Apache Autoconf-style Interface (APACI) 
 ##
@@ -66,6 +70,11 @@ DIFS='
 '
 
 ##
+##  avoid brain dead shells on Ultrix and friends
+##
+test -f /bin/sh5 && exec /bin/sh5 $0 "$@"
+
+##
 ##  the paths to the Apache source tree
 ##
 top=.
@@ -87,16 +96,30 @@ help=no
 quiet=no
 verbose=no
 case "$*" in
-    --help|*--help|*--help* ) help=yes; quiet=yes ;;
-    --quiet|*--quiet|*--quiet* ) quiet=yes ;;
-    --verbose|*--verbose|*--verbose*|-v|*-v|*-v* ) verbose=yes ;;
-    * ) ;;
+    --help|*--help|*--help* ) 
+        help=yes; quiet=yes
+        echo "[hang on a moment, generating help]"
+        echo ""
+        ;;
+    --quiet|*--quiet|*--quiet* ) 
+        quiet=yes
+        ;;
+    --verbose|*--verbose|*--verbose*|-v|*-v|*-v* ) 
+        verbose=yes
+        ;;
+    * ) 
+        ;;
 esac
 
 ##
+##  determine platform id
+##
+PLATFORM="`$aux/GuessOS`"
+
+##
 ##  display version information
 ##
-if [ ".$quiet" = .no ]; then
+if [ "x$quiet" = "xno" ]; then
     APV=`cat $src/include/httpd.h |\
          grep "#define SERVER_BASEVERSION" |\
          sed -e 's/^[^"]*"//' -e 's/".*$//' -e 's/^Apache\///'`
@@ -119,7 +142,7 @@ fi
 ##
 PERL=no-perl-on-this-system
 perlpath="`$aux/PrintPath perl5 perl miniperl`"
-if [ ".$perlpath" != . ]; then
+if [ "x$perlpath" != "x" ]; then
     PERL="$perlpath"
 fi
 
@@ -131,9 +154,9 @@ fi
 ##
 SEO='' # CHANGE THIS VARIABLE HERE IF YOU HAVE PROBLEMS WITH ECHO!
 bytes=`echo $SEO '\1' | wc -c | awk '{ printf("%s", $1); }'`
-if [ ".$bytes" != .3 ]; then
+if [ "x$bytes" != "x3" ]; then
     bytes=`echo -E '\1' | wc -c | awk '{ printf("%s", $1); }'`
-    if [ ".$bytes" != .3 ]; then
+    if [ "x$bytes" != "x3" ]; then
         echo " + Warning: Your 'echo' command is slightly broken."
         echo " + It interprets escape sequences per default. We already"
         echo " + tried 'echo -E' but had no real success. If errors occur"
@@ -152,11 +175,44 @@ fi
 ##
 AWK=awk
 awkpath="`$aux/PrintPath nawk gawk awk`"
-if [ ".$awkpath" != . ]; then
+if [ "x$awkpath" != "x" ]; then
     AWK="$awkpath"
 fi
 
 ##
+## Look for a good Tar. If we don't find 'GNU tar' then make
+## sure ours can handle the '-h' (don't copy symlink, copy
+## the actual data) option.
+##
+TAR=tar
+tarpath="`$aux/PrintPath gtar gnutar tar`"
+if [ "x$tarpath" != "x" ]; then
+    TAR="$tarpath"
+fi
+case "`$TAR -tf /dev/null --version 2>/dev/null`" in
+    *GNU*) TAROPT="-hcf" ;;
+    *) if $TAR -hcf - Makefile.tmpl > /dev/null 2>&1
+       then
+           TAROPT="-hcf"
+       else
+           TAROPT="-cf"
+       fi
+       ;;
+esac
+
+##
+##  determine path to sh, it's not /bin/sh on ALL systems
+##
+SHELL=/bin/sh
+if [ ! -f "$SHELL" ]; then
+    SHELL="`$aux/PrintPath sh`"
+    if [ "x$SHELL" = "x" ]; then
+        echo "configure:Error: Cannot determine path to Bourne-Shell" 1>&2
+        exit 1
+    fi
+fi
+
+##
 ##  determine default parameters
 ##
 
@@ -178,6 +234,19 @@ suexec_uidmin=100
 suexec_gidmin=100
 suexec_safepath="/usr/local/bin:/usr/bin:/bin"
 
+#   the installation flags
+iflags_program="-m 755 -s"
+iflags_core="-m 755"
+iflags_dso="-m 755"
+iflags_script="-m 755"
+iflags_data="-m 644"
+case $PLATFORM in
+    *OS/2* ) 
+        iflags_program="$iflags_program -e .exe" 
+        iflags_core="$iflags_core -e .exe" 
+        ;;
+esac
+
 #   ssl defaults
 ssl=0
 
@@ -189,7 +258,8 @@ permute=''
 #   determine rules
 rules=''
 rulelist=''
-OIFS="$IFS" IFS='
+OIFS="$IFS"
+IFS='
 '
 for rule in `grep '^Rule' $src/Configuration.tmpl`; do
     rule=`echo "$rule" | sed -e 's/^Rule[ 	]*//'`
@@ -206,15 +276,16 @@ rules=`echo $rules | sed -e 's/^://'`
 #   determine modules
 modules=''
 modulelist=''
-OIFS="$IFS" IFS='
+OIFS="$IFS"
+IFS='
 '
 for module in `egrep '^[# 	]*(Add|Shared)Module' $src/Configuration.tmpl`; do
     add=yes
     share=no
-    if [ ".`echo $module | grep '^#'`" != . ]; then
+    if [ "x`echo $module | grep '^#'`" != "x" ]; then
         add=no
     fi
-    if [ ".`echo $module | grep 'SharedModule'`" != . ]; then
+    if [ "x`echo $module | grep 'SharedModule'`" != "x" ]; then
         share=yes
     fi
     module=`echo "$module" |\
@@ -227,7 +298,7 @@ for module in `egrep '^[# 	]*(Add|Shared)Module' $src/Configuration.tmpl`; do
     eval "shared_$module=$share"
     modules="${modules}:$module"
     modulelist="${modulelist}:$module=$add"
-    if [ ".$share" = .yes ]; then
+    if [ "x$share" = "xyes" ]; then
         modulelist="${modulelist}*"
     fi
 done
@@ -237,10 +308,11 @@ modules=`echo $modules | sed -e 's/^://'`
 #   backward compatibility for old src/Configuration.tmpl
 #   parameter names to the canonical Autoconf-style shell
 #   variable names.
-OIFS="$IFS" IFS="$DIFS"
+OIFS="$IFS"
+IFS="$DIFS"
 for var in CFLAGS LDFLAGS LIBS INCLUDES DEPS; do
     eval "val=\$EXTRA_$var"
-    if [ ".$val" != . ]; then
+    if [ "x$val" != "x" ]; then
         eval "$var=\$val"
         eval "EXTRA_$var=\"\"; export EXTRA_$var"
         echo " + Hint: please use $var instead of EXTRA_$var next time"
@@ -249,16 +321,35 @@ done
 IFS="$OIFS"
 
 ##
+## Platform-specific defaults
+##
+case $PLATFORM in
+    *-apple-rhapsody*)
+	default_layout="Mac OS X Server"
+	iflags_core="${iflags_core} -S \"-S\""
+	iflags_dso="${iflags_dso} -S \"-S\""
+	;;
+    *-apple-macos*)
+	default_layout="Mac OS X Server"
+	iflags_core="${iflags_core} -S \"-S\"" 
+	iflags_dso="${iflags_dso} -S \"-S\""
+	;;
+   *)
+	default_layout="Apache"
+	;;
+esac
+
+##
 ##  support for the default layout
 ##
 case "$*" in
     *--with-layout=* ) 
         ;;
     * ) 
-        if [ ".$*" = . ]; then
-            set -- '--with-layout=Apache'
+        if [ "x$*" = "x" ]; then
+            set -- --with-layout="$default_layout"
         else
-            set -- '--with-layout=Apache' "$@"
+            set -- --with-layout="$default_layout" "$@"
         fi
         ;;
 esac
@@ -271,11 +362,12 @@ esac
 ##  can be overridden by others.
 ##
 apc_prev=''
-OIFS1="$IFS" IFS="$DIFS"
+OIFS1="$IFS"
+IFS="$DIFS"
 for apc_option
 do
     #   if previous option needs an argument, assign it.
-    if [ ".$apc_prev" != . ]; then
+    if [ "x$apc_prev" != "x" ]; then
         eval "$apc_prev=\$apc_option"
         apc_prev=""
         continue
@@ -331,6 +423,7 @@ do
             echo " --with-perl=FILE       path to the optional Perl interpreter"
             echo " --without-support      disable the build and installation of support tools"
             echo " --without-confadjust   disable the user/situation adjustments in config"
+            echo " --without-execstrip    disable the stripping of executables on installation"
             echo ""
             echo "suEXEC options:"
             echo " --enable-suexec        enable the suEXEC feature"
@@ -348,7 +441,7 @@ do
             exit 0
             ;;
         --with-layout=*|--compat)
-            if [ ".$apc_option" = ".--compat" ]; then
+            if [ "x$apc_option" = "x--compat" ]; then
                 apc_optarg="Apache"
             fi
             case $apc_optarg in
@@ -372,10 +465,11 @@ do
                 -e "s/[ 	]*$/'/g" \
                 $file >$pldconf
             . $pldconf
-            OIFS="$IFS" IFS="$DIFS"
+            OOIFS="$IFS"  # most likely not needed: jmj
+            IFS="$DIFS"   # ditto
             for var in prefix exec_prefix bindir sbindir libexecdir mandir \
-                       sysconfdir datadir includedir localstatedir runtimedir \
-                       logfiledir proxycachedir; do
+                       sysconfdir datadir iconsdir htdocsdir cgidir includedir \
+                       localstatedir runtimedir logfiledir proxycachedir; do
                 eval "val=\"\$$var\""
                 case $val in
                     *+ )
@@ -388,15 +482,16 @@ do
                         ;;
                 esac
             done
-            IFS="$OIFS"
+            IFS="$OOIFS"
             rm -f $pldconf 2>/dev/null
-            if [ ".$prefix" = .UNSET ]; then
+            if [ "x$prefix" = "xUNSET" ]; then
                 echo "configure:Error: Path layout definition not found or incorrect" 1>&2
                 exit 1
             fi
-            if [ ".$quiet" = .no ]; then
+            if [ "x$quiet" = "xno" ]; then
                 echo " + using installation path layout: $name ($file)"
             fi
+            name_layout=$name
             with_layout=1
             ;;
         *)
@@ -411,11 +506,10 @@ done
 ##
 addconf_created=0
 apc_prev=''
-OIFS1="$IFS" IFS="$DIFS"
 for apc_option
 do
     #   if previous option needs an argument, assign it.
-    if [ ".$apc_prev" != . ]; then
+    if [ "x$apc_prev" != "x" ]; then
         eval "$apc_prev=\$apc_option"
         apc_prev=""
         continue
@@ -443,7 +537,7 @@ do
             case "$apc_option" in
                 --shadow=*)
                     shadow="$apc_optarg"
-                    if [ .$quiet = .no ]; then
+                    if [ "x$quiet" = "xno" ]; then
                         echo " + creating external package shadow tree ($shadow)"
                     fi
                     rm -rf $shadow 2>/dev/null
@@ -451,24 +545,26 @@ do
                     for file in $mkf $sedsubst $addconf $tplconf $pldconf $configstatus; do
                         rm -f $shadow/$file 2>/dev/null
                     done
-                    if [ .$quiet = .no ]; then
+                    if [ "x$quiet" = "xno" ]; then
                         echo " + switching to external package shadow tree ($shadow)"
                     fi
                     cd $shadow
                     ;;
             esac
             #   determine GNU platform triple
-            gnutriple=`$aux/GuessOS | sed -e 's:/:-:g' | $AWK '{ printf("%s",$1); }'`
+            #   (the use of `awk' and not `$AWK' here is correct, because this
+            #   Makefile is for platform bootstrapping, so don't hardcode paths)
+            gnutriple=`$aux/GuessOS | sed -e 's:/:-:g' | awk '{ printf("%s",$1); }'`
             #   create Makefile wrapper (the first time only)
-            if [ ".`ls $top/src.* 2>/dev/null`" = . ]; then
-                if [ .$quiet = .no ]; then
+            if [ "x`ls $top/src.* 2>/dev/null`" = "x" ]; then
+                if [ "x$quiet" = "xno" ]; then
                     echo " + creating Makefile (shadow wrapper)"
                 fi
                 echo "##" > Makefile
                 echo "##  Apache Makefile (shadow wrapper)" >> Makefile
                 echo "##" >> Makefile
                 echo "" >> Makefile
-                if [ ".$shadow" != . ]; then
+                if [ "x$shadow" != "x" ]; then
                     echo "SHADOW=$shadow" >> Makefile
                 else
                     echo "SHADOW=." >> Makefile
@@ -487,7 +583,7 @@ do
             shadowaddconf="src.$gnutriple/.apaci.addconf"
             shadowtplconf="src.$gnutriple/.apaci.tplconf"
             #   (re)create shadow tree
-            if [ .$quiet = .no ]; then
+            if [ "x$quiet" = "xno" ]; then
                 echo " + creating internal platform shadow tree ($shadowsrc)"
             fi
             rm -rf $shadowsrc
@@ -560,7 +656,7 @@ do
             ;;
         --add-module=*) 
             file="$apc_optarg"
-            if [ ".`echo $file | egrep '/?mod_[a-zA-Z0-9][a-zA-Z0-9_]*\.c$'`" = . ]; then
+            if [ "x`echo $file | egrep '/?mod_[a-zA-Z0-9][a-zA-Z0-9_]*\.c$'`" = "x" ]; then
                 echo "configure:Error: Module filename doesn't match '/?mod_[a-zA-Z0-9][a-zA-Z0-9_]*\.c'" 1>&2
                 exit 1
             fi
@@ -570,10 +666,10 @@ do
             fi
             modfilec=`echo $file | sed -e 's;^.*/;;'`
             modfileo=`echo $file | sed -e 's;^.*/;;' -e 's;\.c$;.o;'`
-            if [ ".$file" != ".$src/modules/extra/$modfilec" ]; then
+            if [ "x$file" != "x$src/modules/extra/$modfilec" ]; then
                 cp $file $src/modules/extra/$modfilec
             fi
-            if [ ".$addconf_created" = .0 ]; then
+            if [ "x$addconf_created" = "x0" ]; then
                 addconf_created=1
                 rm -f $addconf 2>/dev/null
                 touch $addconf 2>/dev/null
@@ -591,7 +687,7 @@ do
             eval "shared_$module=no"
             modules="${modules}:$module"
             modulelist="${modulelist}:$module=yes"
-            if [ ".$quiet" = .no ]; then
+            if [ "x$quiet" = "xno" ]; then
                 echo " + on-the-fly added and activated $module module (modules/extra/$modfileo)"
             fi
             ;;
@@ -599,12 +695,12 @@ do
             file="$apc_optarg"
             case $file in
                 src/modules/* ) ;;
-                *)  echo "configure:Error: Module source already has to stay below src/modules/ to be activated" 1>&2
+                *)  echo "configure:Error: Module source already has to be below src/modules/ to be activated" 1>&2
                     exit 1
                     ;;
             esac
             modfile=`echo $file | sed -e 's;^src/;;'`
-            if [ ".$addconf_created" = .0 ]; then
+            if [ "x$addconf_created" = "x0" ]; then
                 addconf_created=1
                 rm -f $addconf 2>/dev/null
                 touch $addconf 2>/dev/null
@@ -622,7 +718,7 @@ do
             eval "shared_$module=no"
             modules="${modules}:$module"
             modulelist="${modulelist}:$module=yes"
-            if [ ".$quiet" = .no ]; then
+            if [ "x$quiet" = "xno" ]; then
                 echo " + activated $module module ($modfile)"
             fi
             ;;
@@ -635,10 +731,10 @@ do
             esac
             case "$apc_feature" in
                 rule   )
-                    apc_optarg=`echo "$apc_optarg" | tr "A-Z" "a-z"`
-                    apc_optarg_real=`echo "$apc_optarg" | tr "a-z" "A-Z"`
+                    apc_optarg=`echo "$apc_optarg" | tr '[A-Z]' '[a-z]'`
+                    apc_optarg_real=`echo "$apc_optarg" | tr '[a-z]' '[A-Z]'`
                     eval "exists=\$rule_${apc_optarg}" 
-                    if [ ".$exists" = . ]; then
+                    if [ "x$exists" = "x" ]; then
                         echo "configure:Error: No such rule named '${apc_optarg_real}'" 1>&2
                         exit 1
                     fi
@@ -647,28 +743,32 @@ do
                 module ) 
                     case $apc_optarg in
                        all ) 
-                           OIFS="$IFS" IFS=':'
+                           OOIFS="$IFS"
+                           IFS=':'
                            for module in $modules; do
                                eval "module_${module}=yes" 
                            done
-                           IFS="$OIFS"
+                           IFS="$OOIFS"
+                           module_auth_digest=no # conflict with mod_digest
                            ;;
                        most ) 
-                           OIFS="$IFS" IFS=':'
+                           OOIFS="$IFS"
+                           IFS=':'
                            for module in $modules; do
                                eval "module_${module}=yes" 
                            done
-                           IFS="$OIFS"
+                           IFS="$OOIFS"
                            module_auth_db=no     # not all platforms have -ldb
                            module_mmap_static=no # not all platforms have mmap()
                            module_so=no          # not all platforms have dlopen()
                            module_example=no     # only for developers
+                           module_auth_digest=no # conflict with mod_digest
                            module_log_agent=no   # deprecated
                            module_log_referer=no # deprecated
                            ;;
                        * ) 
                            eval "exists=\$module_${apc_optarg}" 
-                           if [ ".$exists" = . ]; then
+                           if [ "x$exists" = "x" ]; then
                                echo "configure:Error: No such module named '${apc_optarg}'" 1>&2
                                exit 1
                            fi
@@ -679,28 +779,30 @@ do
                 shared ) 
                     case $apc_optarg in
                        max ) 
-                           OIFS="$IFS" IFS=':'
+                           OOIFS="$IFS"
+                           IFS=':'
                            for module in $modules; do
                                eval "shared_${module}=yes" 
                            done
-                           IFS="$OIFS"
+                           IFS="$OOIFS"
                            shared_so=no        # because of bootstrapping
                            ;;
                        remain ) 
-                           OIFS="$IFS" IFS=':'
+                           OOIFS="$IFS"
+                           IFS=':'
                            for module in $modules; do
                                eval "add=\$module_${module}" 
-                               if [ ".$add" = .no ]; then
+                               if [ "x$add" = "xno" ]; then
                                    eval "module_${module}=yes" 
                                    eval "shared_${module}=yes" 
                                fi
                            done
-                           IFS="$OIFS"
+                           IFS="$OOIFS"
                            shared_so=no
                            ;;
                        * ) 
                            eval "exists=\$module_${apc_optarg}" 
-                           if [ ".$exists" = . ]; then
+                           if [ "x$exists" = "x" ]; then
                                echo "configure:Error: No such module named '${apc_optarg}'" 1>&2
                                exit 1
                            fi
@@ -711,6 +813,10 @@ do
                 suexec ) 
                     suexec=1
                     ;;
+                * ) 
+                    echo "configure:Error: invalid option '$apc_option'" 1>&2
+                    exit 1
+                    ;;
             esac
             ;;
         --disable-*)
@@ -722,10 +828,10 @@ do
             esac
             case "$apc_feature" in
                 rule   ) 
-                    apc_optarg=`echo "$apc_optarg" | tr "A-Z" "a-z"`
-                    apc_optarg_real=`echo "$apc_optarg" | tr "a-z" "A-Z"`
+                    apc_optarg=`echo "$apc_optarg" | tr '[A-Z]' '[a-z]'`
+                    apc_optarg_real=`echo "$apc_optarg" | tr '[a-z]' '[A-Z]'`
                     eval "exists=\$rule_${apc_optarg}" 
-                    if [ ".$exists" = . ]; then
+                    if [ "x$exists" = "x" ]; then
                         echo "configure:Error: No such rule named '${apc_optarg_real}'" 1>&2
                         exit 1
                     fi
@@ -734,15 +840,16 @@ do
                 module )
                     case $apc_optarg in
                        all ) 
-                           OIFS="$IFS" IFS=':'
+                           OOIFS="$IFS"
+                           IFS=':'
                            for module in $modules; do
                                eval "module_${module}=no" 
                            done
-                           IFS="$OIFS"
+                           IFS="$OOIFS"
                            ;;
                        * ) 
                            eval "exists=\$module_${apc_optarg}" 
-                           if [ ".$exists" = . ]; then
+                           if [ "x$exists" = "x" ]; then
                                echo "configure:Error: No such module named '${apc_optarg}'" 1>&2
                                exit 1
                            fi
@@ -753,15 +860,16 @@ do
                 shared )
                     case $apc_optarg in
                        all ) 
-                           OIFS="$IFS" IFS=':'
+                           OOIFS="$IFS"
+                           IFS=':'
                            for module in $modules; do
                                eval "shared_${module}=no" 
                            done
-                           IFS="$OIFS"
+                           IFS="$OOIFS"
                            ;;
                        * ) 
                            eval "exists=\$module_${apc_optarg}" 
-                           if [ ".$exists" = . ]; then
+                           if [ "x$exists" = "x" ]; then
                                echo "configure:Error: No such module named '${apc_optarg}'" 1>&2
                                exit 1
                            fi
@@ -769,6 +877,10 @@ do
                            ;;
                     esac
                     ;;
+                * ) 
+                    echo "configure:Error: invalid option '$apc_option'" 1>&2
+                    exit 1
+                    ;;
             esac
             ;;
         --permute-module=*:*)
@@ -779,7 +891,7 @@ do
                     BEGIN|END)
                         ;;
                     *)  eval "exists=\$module_${mod}" 
-                        if [ ".$exists" = . ]; then
+                        if [ "x$exists" = "x" ]; then
                             echo "configure:Error: No such module named '${mod}'" 1>&2
                             exit 1
                         fi
@@ -803,6 +915,9 @@ do
         --without-confadjust)
             confadjust=0
             ;;
+        --without-execstrip)
+            iflags_program=`echo "$iflags_program" | sed -e 's/-s//'`
+            ;;
         --suexec-caller=*)
             suexec_caller="$apc_optarg"
             suexec_ok=1
@@ -838,11 +953,11 @@ do
     esac
 done
 IFS="$OIFS1"
-if [ ".$apc_prev" != . ]; then
+if [ "x$apc_prev" != "x" ]; then
     echo "configure:Error: missing argument to --`echo $apc_prev | sed 's/_/-/g'`" 1>&2
     exit 1
 fi
-if [ ".$addconf_created" = .0 ]; then
+if [ "x$addconf_created" = "x0" ]; then
     rm -f $addconf 2>/dev/null
     touch $addconf 2>/dev/null
 fi
@@ -861,9 +976,9 @@ echo "##  restoring your configuration. Additional parameters can be supplied."
 echo "##" >>$configstatus
 echo "" >>$configstatus
 for var in CC CPP OPTIM CFLAGS CFLAGS_SHLIB LDFLAGS LD_SHLIB LDFLAGS_SHLIB \
-           LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET SSL_BASE RSA_BASE; do
+           LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET EAPI_MM SSL_BASE RSA_BASE; do
     eval "val=\"\$$var\""
-    if [ ".$val" != . ]; then
+    if [ "x$val" != "x" ]; then
         echo "$var=$val" |\
         sed -e 's:\(["$\\]\):\\\1:g' \
             -e 's:\([A-Z]*=\):\1":' \
@@ -885,8 +1000,8 @@ chmod a+x $configstatus
 ##
 ##  a few errors and warnings
 ##
-if [ ".$suexec" = .1 ]; then
-    if [ ".$suexec_ok" = .0 ]; then
+if [ "x$suexec" = "x1" ]; then
+    if [ "x$suexec_ok" = "x0" ]; then
         echo "configure:Error: You enabled the suEXEC feature via --enable-suexec but"
         echo "                 without explicitly configuring it via at least one"
         echo "                 --suexec-xxxxx option. Seems like you are still not"
@@ -894,15 +1009,15 @@ if [ ".$suexec" = .1 ]; then
         echo "                 and htdocs/manual/suexec.html documents first."
         exit 1
     fi
-    if [ ".`id | grep root`" = . ]; then
-        echo " + Warning: You enabled the suEXEC feature. Be aware that you need" 1>&2
-        echo " + root privileges for this, at the latest at the installation step." 1>&2
+    if [ "x`$aux/getuid.sh`" != "x0" ]; then
+        echo " + Warning: You have enabled the suEXEC feature. Be aware that you need" 1>&2
+        echo " + root privileges to complete the final installation step." 1>&2
     fi
 fi
-if [ ".$PERL" = .no-perl-on-this-system ]; then
-    if [ .$quiet = .no ]; then
-        echo " + Warning: no Perl interpreter available for support scripts."
-        echo " + Perhaps you have to select one with --with-perl=FILE."
+if [ "x$PERL" = "xno-perl-on-this-system" ]; then
+    if [ "x$quiet" = "xno" ]; then
+        echo " + Warning: no Perl interpreter detected for support scripts."
+        echo " + Perhaps you need to specify one with --with-perl=FILE."
     fi
 fi
 
@@ -916,8 +1031,8 @@ fi
 ##
 ##  target name
 ##
-if [ ".$TARGET" != . ]; then
-    thetarget=$TARGET
+if [ "x$TARGET" != "x" ]; then
+    thetarget="$TARGET"
 else
     thetarget=httpd
 fi
@@ -926,19 +1041,30 @@ fi
 ##  expand path variables and make sure
 ##  they do not end with a backslash
 ##
-OIFS="$IFS" IFS="$DIFS"
+OIFS="$IFS"
+IFS="$DIFS"
 for var in prefix exec_prefix bindir sbindir libexecdir mandir \
-           sysconfdir datadir includedir localstatedir runtimedir \
-           logfiledir proxycachedir suexec_docroot suexec_logexec; do
+           sysconfdir datadir iconsdir htdocsdir cgidir includedir \
+           localstatedir runtimedir logfiledir proxycachedir \
+           suexec_docroot suexec_logexec; do
     eval "val=\"\$$var\"";
     val=`echo $val | sed -e 's:/*$::'`
     eval "$var=\"$val\""
     #   expand value
     eval "val=\$$var"
-    #   add target suffix when requested
-    if [ ".`echo $val | grep $thetarget`" = . ]; then
-        eval "autosuffix=\$autosuffix_$var"
-        if [ ".$autosuffix" = .yes ]; then
+    #   automatically add target suffix to path when it's
+    #   requested (path has a trailing plus in config.layout) and
+    #   looks reasonable (i.e. when "apache" or target-name
+    #   still not part of path)
+    eval "autosuffix=\$autosuffix_$var"
+    if [ "x$autosuffix" = "xyes" ]; then
+        addtarget=no
+        if [ "x`echo $val | grep apache`" = "x" ]; then
+            if [ "x`echo $val | grep $thetarget`" = "x" ]; then
+                addtarget=yes
+            fi
+        fi
+        if [ "x$addtarget" = "xyes" ]; then
             eval "$var=\"\$$var/$thetarget\""
         fi
     fi
@@ -948,9 +1074,13 @@ IFS="$OIFS"
 ##
 ##  determine special configurable Makefile targets
 ##
-if [ ".$support" = .1 ]; then
+if [ "x$support" = "x1" ]; then
     build_support='build-support'
-    install_support='install-support'
+    if [ "x$name_layout" = "xBinaryDistribution" ]; then
+        install_support='install-binsupport'
+    else
+        install_support='install-support'
+    fi
     clean_support='clean-support'
     distclean_support='distclean-support'
 else
@@ -962,21 +1092,33 @@ fi
 
 ##
 ##  determine special configuration parameters
+## 
+##  The checks via /etc/passwd and /etc/group will obviously fail
+##  on platforms using NIS. But then you propably do not want a
+##  UID/GID as production oriented as a web server in NIS anyway.
 ##
+conf_user="nobody"
 conf_group="#-1"
 conf_port="80"
 conf_port_ssl="443"
 conf_serveradmin="you@your.address"
 conf_servername="new.host.name"
-if [ ".$confadjust" = .1 ]; then
-    if [ ".`egrep '^nobody:' /etc/group`" != . ]; then
-        conf_group="nobody"
-    else
-        if [ ".`egrep '^nogroup:' /etc/group`" != . ]; then
-            conf_group="nogroup"
-        fi
+if [ "x$confadjust" = "x1" ]; then
+    if [ -f /etc/passwd ]; then
+        for uid in nobody www daemon demon http httpd; do 
+            if [ "x`egrep \^${uid}: /etc/passwd`" != "x" ]; then
+                conf_user="$uid"
+                break
+            fi
+        done
+        for gid in nobody nogroup www daemon demon http httpd; do 
+            if [ "x`egrep \^${gid}: /etc/group`" != "x" ]; then
+                conf_group="$gid"
+                break
+            fi
+        done
     fi
-    if [ ".`id | grep root`" = . ]; then
+    if [ "x`$aux/getuid.sh`" != "x0" ]; then
         conf_port="8080"
         conf_port_ssl="8443"
     fi
@@ -1001,7 +1143,7 @@ libexecdir_relative=`echo $libexecdir | sed -e "s:^$prefix/*::" -e 's:\(.\)$:\1/
 ##
 ##  check and debug
 ##
-if [ ".$show_layout" = .1 ]; then
+if [ "x$show_layout" = "x1" ]; then
     echo ""
     echo "Installation paths:"
     echo "               prefix: $prefix"
@@ -1012,6 +1154,9 @@ if [ ".$show_layout" = .1 ]; then
     echo "               mandir: $mandir" 
     echo "           sysconfdir: $sysconfdir" 
     echo "              datadir: $datadir" 
+    echo "             iconsdir: $iconsdir" 
+    echo "            htdocsdir: $htdocsdir" 
+    echo "               cgidir: $cgidir" 
     echo "           includedir: $includedir" 
     echo "        localstatedir: $localstatedir" 
     echo "           runtimedir: $runtimedir" 
@@ -1030,9 +1175,9 @@ if [ ".$show_layout" = .1 ]; then
     echo "   SERVER_CONFIG_FILE: ${sysconfdir_relative}${thetarget}.conf"
     echo "   ACCESS_CONFIG_FILE: ${sysconfdir_relative}access.conf"
     echo " RESOURCE_CONFIG_FILE: ${sysconfdir_relative}srm.conf"
-    echo "  SSL_CERTIFCATE_FILE: ${sysconfdir_relative}ssl.crt/server.crt"
+    echo " SSL_CERTIFICATE_FILE: ${sysconfdir_relative}ssl.crt/server.crt"
     echo ""
-    if [ ".$suexec" = .1 ]; then
+    if [ "x$suexec" = "x1" ]; then
         echo "suEXEC setup:"
         echo "        suexec binary: $sbindir/suexec"
         echo "        document root: $suexec_docroot"
@@ -1050,15 +1195,22 @@ fi
 ##
 ##  create Makefile from Makefile.tmpl
 ##
-if [ .$quiet = .no ]; then
+if [ "x$quiet" = "xno" ]; then
     echo "Creating $mkf"
 fi
 sed <Makefile.tmpl >$mkf \
 -e "s%@PERL@%$PERL%g" \
+-e "s%@TAR@%$TAR%g" \
+-e "s%@TAROPT@%$TAROPT%g" \
 -e "s%@SRC@%$src%g" \
 -e "s%@MKF@%$mkf%g" \
 -e "s%@AUX@%$aux%g" \
 -e "s%@TARGET@%$thetarget%g" \
+-e "s%@IFLAGS_PROGRAM@%$iflags_program%g" \
+-e "s%@IFLAGS_CORE@%$iflags_core%g" \
+-e "s%@IFLAGS_DSO@%$iflags_dso%g" \
+-e "s%@IFLAGS_SCRIPT@%$iflags_script%g" \
+-e "s%@IFLAGS_DATA@%$iflags_data%g" \
 -e "s%@prefix@%$prefix%g" \
 -e "s%@exec_prefix@%$exec_prefix%g" \
 -e "s%@bindir@%$bindir%g" \
@@ -1068,6 +1220,9 @@ sed <Makefile.tmpl >$mkf \
 -e "s%@mandir@%$mandir%g" \
 -e "s%@sysconfdir@%$sysconfdir%g" \
 -e "s%@datadir@%$datadir%g" \
+-e "s%@iconsdir@%$iconsdir%g" \
+-e "s%@htdocsdir@%$htdocsdir%g" \
+-e "s%@cgidir@%$cgidir%g" \
 -e "s%@localstatedir@%$localstatedir%g" \
 -e "s%@includedir@%$includedir%g" \
 -e "s%@runtimedir@%$runtimedir%g" \
@@ -1082,6 +1237,7 @@ sed <Makefile.tmpl >$mkf \
 -e "s%@suexec_gidmin@%$suexec_gidmin%g" \
 -e "s%@suexec_safepath@%$suexec_safepath%g" \
 -e "s%@ssl@%$ssl%g" \
+-e "s%@conf_user@%$conf_user%g" \
 -e "s%@conf_group@%$conf_group%g" \
 -e "s%@conf_port@%$conf_port%g" \
 -e "s%@conf_port_ssl@%$conf_port_ssl%g" \
@@ -1090,7 +1246,8 @@ sed <Makefile.tmpl >$mkf \
 -e "s%@build_support@%$build_support%g" \
 -e "s%@install_support@%$install_support%g" \
 -e "s%@clean_support@%$clean_support%g" \
--e "s%@distclean_support@%$distclean_support%g"
+-e "s%@distclean_support@%$distclean_support%g" \
+-e "s%@SHELL@%$SHELL%g"
 
 ##
 ##  override default paths in $src/include/httpd.h
@@ -1112,25 +1269,27 @@ echo "echo '-DTYPES_CONFIG_FILE=\"${sysconfdir_relative}mime.types\"'" >>$src/ap
 echo "echo '-DSERVER_CONFIG_FILE=\"${sysconfdir_relative}${thetarget}.conf\"'" >>$src/apaci
 echo "echo '-DACCESS_CONFIG_FILE=\"${sysconfdir_relative}access.conf\"'" >>$src/apaci
 echo "echo '-DRESOURCE_CONFIG_FILE=\"${sysconfdir_relative}srm.conf\"'" >>$src/apaci
-echo "echo '-DSSL_CERTIFCATE_FILE=\"${sysconfdir_relative}ssl.crt/server.crt\"'" >>$src/apaci
+echo "echo '-DSSL_CERTIFICATE_FILE=\"${sysconfdir_relative}ssl.crt/server.crt\"'" >>$src/apaci
+echo "echo '-DEAPI_MM_CORE_PATH=\"${runtimedir_relative}${thetarget}.mm\"'" >>$src/apaci
 chmod a+x $src/apaci
 CFLAGS="$CFLAGS \\\`\$(SRCDIR)/apaci\\\`"
 
 ##
 ##  create $src/Configuration.apaci file
 ##
-if [ .$quiet = .no ]; then
+if [ "x$quiet" = "xno" ]; then
     echo "Creating Configuration.apaci in $src"
 fi
 rm -f $sedsubst 2>/dev/null
 touch $sedsubst
 
 #   generate settings from imported environment variables
-OIFS="$IFS" IFS="$DIFS"
+OIFS="$IFS"
+IFS="$DIFS"
 for var in CC CPP OPTIM CFLAGS CFLAGS_SHLIB LDFLAGS LD_SHLIB LDFLAGS_SHLIB \
-           LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET SSL_BASE RSA_BASE; do
+           LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET EAPI_MM SSL_BASE RSA_BASE; do
     eval "val=\"\$$var\"";
-    if [ ".$val" != . ]; then
+    if [ "x$val" != "x" ]; then
         case $var in 
             CFLAGS|LDFLAGS|LIBS|INCLUDES|DEPS) 
                 echo $SEO "s%^#*\\(EXTRA_$var=\\).*%\\1$val%g" >>$sedsubst
@@ -1145,12 +1304,13 @@ done
 IFS="$OIFS"
 
 #   generate rule directives 
-OIFS="$IFS" IFS=':'
+OIFS="$IFS"
+IFS=':'
 for rule in $rules; do
-    name="`echo $rule | tr "a-z" "A-Z"`"
+    name="`echo $rule | tr '[a-z]' '[A-Z]'`"
     eval "val=\$rule_$rule"
     echo $SEO "s%^\\(Rule $name=\\).*%\\1$val%g" >>$sedsubst
-    if [ $verbose = yes ]; then
+    if [ "x$verbose" = "xyes" ]; then
         echo " + Rule $name=$val"
     fi
 done
@@ -1158,32 +1318,34 @@ IFS="$OIFS"
 
 #   consistency checks for shared object support
 some_shares=0
-OIFS="$IFS" IFS=':'
+OIFS="$IFS"
+IFS=':'
 for module in $modules; do
     eval "share=\$shared_$module"
-    if [ $share = yes ]; then
+    if [ "x$share" = "xyes" ]; then
         some_shares=1
     fi
 done
 IFS="$OIFS"
-if [ $some_shares = 1 ]; then
-    if [ $module_so = no ]; then
+if [ "x$some_shares" = "x1" ]; then
+    if [ "x$module_so" = "xno" ]; then
         module_so=yes
-        if [ .$quiet = .no ]; then
+        if [ "x$quiet" = "xno" ]; then
             echo " + enabling mod_so for DSO support"
         fi
     fi
 fi
-if [ ".$shared_so" = .yes ]; then
+if [ "x$shared_so" = "xyes" ]; then
     shared_so=no
     echo "configure:Error: Module mod_so cannot be made a DSO itself" 1>&2
     exit 1
 fi
 
 #   module permutation support
-if [ ".$permute" != . ]; then
+if [ "x$permute" != "x" ]; then
     sed -e '/## mod_mmap_static/,$d' <src/Configuration.tmpl >$tplconf
-    OIFS="$IFS" IFS='
+    OIFS="$IFS"
+    IFS='
 '
     for line in `cat src/Configuration.tmpl $addconf | egrep '^[# ]*(Add|Shared)Module'`; do
         name=`echo "$line" |\
@@ -1253,29 +1415,45 @@ else
 fi
 
 #   generate module directives
-OIFS="$IFS" IFS=':'
+#   (paths are modules/foo/mod_bar.ext and modules/foo/libbar.ext)
+OIFS="$IFS"
+IFS=':'
 for module in $modules; do
     eval "add=\$module_$module"
-    if [ $add = yes ]; then
-        echo $SEO "s%^.*\\(AddModule.*[_b/]$module\\..*\\)%\\1%g" >>$sedsubst
-        echo $SEO "s%^.*\\(SharedModule.*[_b/]$module\\..*\\)%\\1%g" >>$sedsubst
-        m="yes [static]"
+    if [ "x$add" = "xyes" ]; then
+        echo $SEO "s%^.*\\(AddModule.*mod_$module\\..*\\)%\\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(AddModule.*lib$module\\..*\\)%\\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(SharedModule.*mod_$module\\..*\\)%\\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(SharedModule.*lib$module\\..*\\)%\\1%g" >>$sedsubst
+        m="yes"
     else
-        echo $SEO "s%^.*\\(AddModule.*[_b/]$module\\..*\\)%# \\1%g" >>$sedsubst
-        echo $SEO "s%^.*\\(SharedModule.*[_b/]$module\\..*\\)%# \\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(AddModule.*mod_$module\\..*\\)%# \\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(AddModule.*lib$module\\..*\\)%# \\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(SharedModule.*mod_$module\\..*\\)%# \\1%g" >>$sedsubst
+        echo $SEO "s%^.*\\(SharedModule.*lib$module\\..*\\)%# \\1%g" >>$sedsubst
         m=no
     fi
     eval "share=\$shared_$module"
-    if [ $share = yes ]; then
-        echo $SEO "s%^\\(.*\\)AddModule\\(.*[_b/]$module\\.\\)[oam].*\\(.*\\)%\\1SharedModule\\2so\\3%g" >>$sedsubst
-        m="yes [shared]"
+    if [ "x$share" = "xyes" ]; then
+        echo $SEO "s%^\\(.*\\)AddModule\\(.*mod_$module\\.\\)[oam].*\\(.*\\)%\\1SharedModule\\2so\\3%g" >>$sedsubst
+        echo $SEO "s%^\\(.*\\)AddModule\\(.*lib$module\\.\\)[oam].*\\(.*\\)%\\1SharedModule\\2so\\3%g" >>$sedsubst
+        m="$m [shared]"
     fi
-    if [ $verbose = yes ]; then
+    if [ "x$verbose" = "xyes" ]; then
         echo " + Module $module: $m"
     fi
 done
 IFS="$OIFS"
 
+# translate module names to dll names for OS/2 so that they are no more
+# than 8 characters long and have an extension of "dll" instead of "so"
+case $PLATFORM in
+    *OS/2* ) 
+        echo $SEO "s%/mod_\\(.\\{1,8\\}\\).*\\.so%/\\1\\.dll%" >>$sedsubst
+        echo $SEO "s%/\\(lib.*\\)\\.so$%/\\1.dll%" >>$sedsubst
+        ;;
+esac
+
 #   split sedsubst into chunks of 50 commands
 #   to workaround limits in braindead seds
 files=`$AWK <$sedsubst '
@@ -1290,7 +1468,8 @@ files=`$AWK <$sedsubst '
         print $0 >file;
     }
 ' "sedsubst=$sedsubst"`
-OIFS="$IFS" IFS="$DIFS"
+OIFS="$IFS"
+IFS="$DIFS"
 substcmd=""
 for file in $files; do
     substcmd="${substcmd} sed -f $file |"
@@ -1311,7 +1490,7 @@ rm -f $tplconf 2>/dev/null
 ##  create all other Makefiles by running the proprietary 
 ##  $src/Configure script with our custom Configuration.apaci file
 ##
-if [ .$quiet = .yes ]; then
+if [ "x$quiet" = "xyes" ]; then
     (cd $src; ./Configure -file Configuration.apaci >/dev/null);
 else
     (cd $src; ./Configure -file Configuration.apaci |\
@@ -1323,8 +1502,8 @@ fi
 ##
 ##  final hints
 ##
-if [ .$quiet = .no ]; then
-    if [ ".$shadow" != . ]; then
+if [ "x$quiet" = "xno" ]; then
+    if [ "x$shadow" != "x" ]; then
         echo "Hint: You now have to build inside $shadow."
         echo "This can be done either by running the canonical commands"
         echo "  \$ cd $shadow"