Remove expired ports:
2016-03-01 net/samba4: not supported by the upstream
2016-03-01 net/isc-dhcp42-client: isc-dhcp 4.2 is End of Life
2016-03-01 net/isc-dhcp41-relay: isc-dhcp 4.1 is now End of Life
2016-03-01 net/isc-dhcp42-relay: isc-dhcp 4.2 is End of Life
2016-03-01 net/isc-dhcp41-client: isc-dhcp 4.1 is now End of Life
2016-03-01 net/isc-dhcp42-server: isc-dhcp 4.2 is End of Life
2016-03-01 devel/pear-IO_Bit: Unsupported upstream
2016-03-01 graphics/pear-IO_SWF: Unsupported upstream

Remove deprecated @dirrm's from pkg-plist of samba ports.
Note that net/samba4 got it's PORTVERSION bumped as stage-qa found
one file not included in pkg-plist.

PR:		205950
Submitted by:	myself
Approved by:	maintainer timeout

Mark Samba 4 as deprecated, as it's not supported by upstream anymore. Also
address prolems with current p5-Parse-Pidl by using bundled version.

Update Samba4* ports to the latest supplimentary libs and versions.

Improve shebangfix framework

- Support multiple values in *_OLD_CMD, i.e. we can now fix both
"/usr/bin/python" and "/usr/bin/env python" at the same time
- Default *_OLD_CMD values are now always appended, so you don't need to specify
them in individual ports
- Add lua support (depends on USES=lua)
- Add more default values, such as "/usr/bin/env foo" for python, perl, bash,
ruby and lua
- Shebangfix now matches whole words, e.g. we will no longer (erroneously)
replace "/usr/bin/perl5.005" with "${perl_CMD}5.005" (but "/usr/bin/perl -tt" is
still (correctly) replaced with "${perl_CMD} -tt")

Note that *_OLD_CMD items containing spaces must now be quoted (e.g.
perl_OLD_CMD=/bin/perl /usr/bin/perl "/usr/bin/env perl")

Update shebangfix usage according to new rules in many ports:

- Remove *_OLD_CMD for patterns now replaced by default
- Quote custom *_OLD_CMD which contain spaces

Fix shebangfix usage in many ports (irrelevant to infrastructure change):

- Remove redundant SHEBANG_LANG (no need to duplicate default langs)
- Remove redundant *_CMD (such as
python_CMD=${LOCALBASE}/bin/python${PYTHON_VER} when USES=python is present)
- Never use *_OLD_CMD in REINPLACE_CMD matchers, these should always look for
exact string

Approved by:	portmgr (bapt)
Differential Revision:	D3756

Remove iconv(), iconv_open() and iconv_close() symbols from libiconv.

These were FreeBSD specific aliases for libiconv(), libiconv_open() and
libiconv_close() that are now also provided by libc which complicates
writing configure tests that work correctly when both libc iconv and
libiconv are available.

Also, because the libiconv iconv.h header redefines iconv* to libiconv*
correct use of the header implies that the aliases aren't used.

The following ports needed fixes because there was something wrong with
the way they tried to detect or use iconv:

audio/deadbeef: Remove LIBICONV_PLUG from a source file.  It's a
compile-time option and should not be set in source code.

Remove trailing whitespace from Makefiles, M-X.

Switch default python_CMD used by shebangfix to ${PYTHON_CMD} for ports
using python

PR:		201077
Reviewed by:	mat
With hat:	portmgr
Differential Revision:	https://reviews.freebsd.org/D2955

Update net/samba4 port to the 4.0.26 version.

MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight

Add a new USES=waf to handle the waf building system, allowing to factorise code
Plug waf into MAKE_CMD and CONFIGURE_CMD so the regular defined targets can be
reused

Always define _MAKE_JOBS so that when bsd.port.mk will stop overwritting
_MAKE_JOBS when parallel jobs are disabled we can enforce -j1 (which is needed
to really disable parallelisation with waf

WAF_CMD has been created to allow one to override the location of the waf script
relatively to WRKSRC

CONFIGURE_TARGET is by default defined to "configure"
ALL_TARGET is by default defined to "build"
INSTALL_TARGET is by default defined to "install"

USES=waf is by default stagedir safe

Remove OSVERSION checks that do not make sense any more.

For example (${OSVERSION} >= 900000 && ${OSVERSION} < 900021) is always true,
as is (${OSVERSION} > 900002 || ${OSVERSION} < 900000 && ${OSVERSION} > 800107).

Regarding patches, when an EXTRA_PATCHES is no longer needed, I remove it, when
it is always needed, I renamed it, in one case, I merged two patches.

Differential Revision:	https://reviews.freebsd.org/D2209

net category: Remove $PTHREAD_LIBS

openafs did not pass check-plist (pre-existing) so fixed and bumped.
Also, pkg-plist was sorted.  mediatomb and spread also fail plist-checks
but they weren't fixed.

approved by:	PTHREAD blanket

Update samba ports to address CVE-2015-0240

Security:	CVE-2015-0240

Update ports net/samba4 and net/samba41 to address recent security issue with
the elevation of privilege to ADDC.

Security:	CVE-2014-8143

Minor net/samba* ports cleanups:

  - Drop leading article from COMMENT and use neutral spelling of Unix
  - Sort USES alphabetically and wrap it if necessary
  - Rename FAM_SUPPORT to standard option FAM, drop FAM_SUPPORT_DESC
  - Fix a typo in AIO_SUPPORT_DESC (Asyncronous -> Asynchronous)
  - Consistently reword PAM_SMBPASS option description
  - Kill one case of EOL whitespace and bogus uses of := operator

Approved by:	maintainer (timur; timeout since 2014.12.16)

security/libgcrypt: 1.6.1 -> 1.6.2, bump depends

Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
  with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
  error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code.  Take
	care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in

Update port to newer version. Work around removed PLIST_REINPLACE, synced with
samba41 configuration options.

PR:		193415

- Convert ports of net/ to new USES=python

Approved by:	portmgr (implicit)

Remove dns/bind98, it is EOL.

Chase remaining dependencies.

Sponsored by:	Absolight

Add CPE support on request of the security officer.

Upgrade ports to address CVE-2014-3560.

Security:	CVE-2014-3560

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

- Replace security/gnutls with security/gnutls3 and update to 3.2.15
- Bump PORTREVISION on all ports that depend on security/gnutls and
  adjust all ports that depend on security/gnutls3
- Update mail/anubis to version 4.2 which supports gnutls 3.x
- Update mail/libvmime to a development snapshot (recommended by upstream
  developers)

PR:		191274
Exp-run by:	antoine
Approved by:	portmgr (antoine)

samba36:
	Add DOCS and EXAMPLES OPTIONS, and put the stuff in EXAMPLESDIR behind
PORTEXAMPLES.

samba4/samba41:
	Add DOCS OPTION, given that the port already tests for PORT_OPTIONS:MDOCS

Security update for Samba 3.6, 4.0 and 4.1.

PR:		190166
Security:	CVE-2014-0244
		CVE-2014-3493
		CVE-2014-0239
		CVE-2014-0178

Fix make checksum for devel/p5-Parse-Pidl

With hat:	portmgr

Convert all :U to :tu and :L to :tl

Since FreeBSD 8.4 and FreeBSD 9.1 make(1) do support :tu and :tl as a
replacement for :U and :L (which has been marked as deprecated)

bmake which is the default on FreeBSD 10+ only support by default
:tu/:tl a hack has been added at the time to support :U and :L to ease
migration. This hack is now not necessary anymore

Note that this makes the ports tree incompatible with make(1) from
FreeBSD 8.3 or earlier

With hat:	portmgr

WINBIND remained masked in the plist, which made it incomplete.

Fix build.

With hat:	portmgr
Sponsored by:	Absolight

Extra STAGEDIR in post-install stage.

Update Samba4 to the newer version. Sync Makefile and structure with Samba41.

Security update:

	net/samba36 -> 3.6.23
	net/samba4  -> 4.0.16
	net/samba41 -> 4.1.6

Security:	03e48bf5-a96d-11e3-a556-3c970e169bc2

Python cleanup:
- USE_PYTHON* = 2.X -> USE_PYTHON* = 2
- USE_PYTHON* = 2.X+ -> USE_PYTHON* = yes
Reviewed by:	python (mva, rm)
Approved by:	portmgr-lurkers (mat)

Convert the tree to USES=fam

Approved by:	portmgr (bapt)

net/samba4: fix usage of python to remove implicit dependency

Reported by:	exp-run (PR 184591)
Approved by:	portmgr (blanket)

Update port to 4.0.13 version to address security issues.

Security:	CVE-2012-6150
		CVE-2013-4408

Fix STAGEDIR packaging problems in pkg-install script

Upgrade port to the 4.0.12 version, closing CVE-2013-4475 and CVE-2013-4476.
Remove dependency from gettext. Converted to STAGEDIR.

PR:		183872, 183885
Security:	CVE-2013-4475
		CVE-2013-4476
Sponsored by:	my wife

Add NO_STAGE all over the place in preparation for the staging support (cat:
net)

- Remove last vestiges of MAKE_JOBS_SAFE knob

Approved by:	portmgr (bapt)

- convert to the new perl5 framework
- convert USE_GMAKE to Uses

Approved by:	portmgr (bapt@, blanket)

. introduce ICONV_CONFIGURE_BASE variable at Mk/Uses/iconv.mk. It's value is
  "--with-libiconv=${LOCALBASE}" at systems pre OSVERSION 100043 and "" (null)
  otherwise;
. convert all ports which has CONFIGURE_ARGS=--with-libiconv=${LOCALBASE}.

Approved by:	portmgr (bapt, implicit)

- Remove MAKE_JOBS_SAFE variable

Approved by:	portmgr (bdrewery)

Security update

Security:	CVE-2013-4124

Update port to the latest 4.0.7 version. Main binary samba4 was renamed back
to samba.

Chase security/libgcrypt update

- Convert USE_ICONV=yes to USES=iconv
- Change USE_GNOME=pkgconfig|gnomehack to USES=pathfix|pkgconfig while here

Reviewed by:	zeising

- Convert USE_GETTEXT to USES (part 4)

Approved by:	portmgr (bapt)

Finish converting the whole ports tree to USES=pkgconfig

Update port to the 4.0.4 version, closing CVE-2013-1863. Fix winbindd to
retrieve getgroupmembership() list directly, which fixed behaviour of 'id'.
Remove obsolete set_var in startup script.

Security:	CVE-2013-1863

New 4.0.3 revision of the net/samba4 port. Now we have our own AD!

Move samba4-devel port into samba4. Preparing for the release