Remove expired ports:
2016-03-01 net/samba41: not supported by the upstream
2016-04-01 net/samba-smbclient: not supported by the upstream
2016-04-01 net/samba-libsmbclient: not supported by the upstream
2016-04-01 net/samba-nmblookup: not supported by the upstream
2016-04-01 net/samba36: not supported by the upstream

Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight

- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
  supported by libgnutls-dane and gnutls-cli.  Also clarify the option
  description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4.  Some ports used this library
  in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed.  Ports that used these have been
  updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.

net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.

www/hydra: Mark BROKEN.  This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.

PR:		207768
Exp-run by:	antoine
Approved by:	portmgr (antoine)

Combine print/cups-base, print/cups-client and print/cups-image into
print/cups and update it to 2.1.3.  Also remove print/cups-pstoraster,
improve print/cups-filters, print/foomatic-* and update print/hplip to
3.16.2.

Long description:

First some background.  When you hand a file to cups it sets up a chain of
filter programs that converts the file to something a printer understands.
Each filter has a cost associated with it and cups tries to find the
cheapest chain.  Costs used to be configured in such a way that files were
first converted to PostScript.  This could then be manipulated further (e.g.
putting multiple pages on one sheet) before finally being sent to a
PostScript printer or another filter like pstoraster which produces a raster
format understood by non-PostScript printer drivers.  Nowadays most filters

Remove deprecated @dirrm's from pkg-plist of samba ports.
Note that net/samba4 got it's PORTVERSION bumped as stage-qa found
one file not included in pkg-plist.

PR:		205950
Submitted by:	myself
Approved by:	maintainer timeout

A security fix release of Samba 4.1, 4.2 and 4.3. Samba 4.1 is also marked as
deprecated.

Security:	CVE-2015-3223
		CVE-2015-5252
		CVE-2015-5299
		CVE-2015-5296
		CVE-2015-8467
		CVE-2015-5330

Update Samba4* ports to the latest supplimentary libs and versions.

Improve shebangfix framework

- Support multiple values in *_OLD_CMD, i.e. we can now fix both
"/usr/bin/python" and "/usr/bin/env python" at the same time
- Default *_OLD_CMD values are now always appended, so you don't need to specify
them in individual ports
- Add lua support (depends on USES=lua)
- Add more default values, such as "/usr/bin/env foo" for python, perl, bash,
ruby and lua
- Shebangfix now matches whole words, e.g. we will no longer (erroneously)
replace "/usr/bin/perl5.005" with "${perl_CMD}5.005" (but "/usr/bin/perl -tt" is
still (correctly) replaced with "${perl_CMD} -tt")

Note that *_OLD_CMD items containing spaces must now be quoted (e.g.
perl_OLD_CMD=/bin/perl /usr/bin/perl "/usr/bin/env perl")

Update shebangfix usage according to new rules in many ports:

- Remove *_OLD_CMD for patterns now replaced by default
- Quote custom *_OLD_CMD which contain spaces

Fix shebangfix usage in many ports (irrelevant to infrastructure change):

- Remove redundant SHEBANG_LANG (no need to duplicate default langs)
- Remove redundant *_CMD (such as
python_CMD=${LOCALBASE}/bin/python${PYTHON_VER} when USES=python is present)
- Never use *_OLD_CMD in REINPLACE_CMD matchers, these should always look for
exact string

Approved by:	portmgr (bapt)
Differential Revision:	D3756

Remove iconv(), iconv_open() and iconv_close() symbols from libiconv.

These were FreeBSD specific aliases for libiconv(), libiconv_open() and
libiconv_close() that are now also provided by libc which complicates
writing configure tests that work correctly when both libc iconv and
libiconv are available.

Also, because the libiconv iconv.h header redefines iconv* to libiconv*
correct use of the header implies that the aliases aren't used.

The following ports needed fixes because there was something wrong with
the way they tried to detect or use iconv:

audio/deadbeef: Remove LIBICONV_PLUG from a source file.  It's a
compile-time option and should not be set in source code.

Remove trailing whitespace from Makefiles, M-X.

Switch default python_CMD used by shebangfix to ${PYTHON_CMD} for ports
using python

PR:		201077
Reviewed by:	mat
With hat:	portmgr
Differential Revision:	https://reviews.freebsd.org/D2955

Remove USES=fakeroot, it hangs when building as a regular user and doesn't
seem necessary

Upgrade Samba41 port to 4.1.18.

MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight

Add a new USES=waf to handle the waf building system, allowing to factorise code
Plug waf into MAKE_CMD and CONFIGURE_CMD so the regular defined targets can be
reused

Always define _MAKE_JOBS so that when bsd.port.mk will stop overwritting
_MAKE_JOBS when parallel jobs are disabled we can enforce -j1 (which is needed
to really disable parallelisation with waf

WAF_CMD has been created to allow one to override the location of the waf script
relatively to WRKSRC

CONFIGURE_TARGET is by default defined to "configure"
ALL_TARGET is by default defined to "build"
INSTALL_TARGET is by default defined to "install"

USES=waf is by default stagedir safe

Remove OSVERSION checks that do not make sense any more.

For example (${OSVERSION} >= 900000 && ${OSVERSION} < 900021) is always true,
as is (${OSVERSION} > 900002 || ${OSVERSION} < 900000 && ${OSVERSION} > 800107).

Regarding patches, when an EXTRA_PATCHES is no longer needed, I remove it, when
it is always needed, I renamed it, in one case, I merged two patches.

Differential Revision:	https://reviews.freebsd.org/D2209

net category: Remove $PTHREAD_LIBS

openafs did not pass check-plist (pre-existing) so fixed and bumped.
Also, pkg-plist was sorted.  mediatomb and spread also fail plist-checks
but they weren't fixed.

approved by:	PTHREAD blanket

Update samba ports to address CVE-2015-0240

Security:	CVE-2015-0240

Update ports net/samba4 and net/samba41 to address recent security issue with
the elevation of privilege to ADDC.

Security:	CVE-2014-8143

Minor net/samba* ports cleanups:

  - Drop leading article from COMMENT and use neutral spelling of Unix
  - Sort USES alphabetically and wrap it if necessary
  - Rename FAM_SUPPORT to standard option FAM, drop FAM_SUPPORT_DESC
  - Fix a typo in AIO_SUPPORT_DESC (Asyncronous -> Asynchronous)
  - Consistently reword PAM_SMBPASS option description
  - Kill one case of EOL whitespace and bogus uses of := operator

Approved by:	maintainer (timur; timeout since 2014.12.16)

security/libgcrypt: 1.6.1 -> 1.6.2, bump depends

Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
  with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
  error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code.  Take
	care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in

Upgrade to the 4.1.14 version.

Fix an error in generation of the list of additional modules.

PR:		194548

Upgrade net/samba41 to 4.1.13 version

PR:		191439
		193416
		193734
		194046

Add CPE support on request of the security officer.

- Fix plist

Reported on freenode

Upgrade ports to address CVE-2014-3560.

Security:	CVE-2014-3560

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

- Replace security/gnutls with security/gnutls3 and update to 3.2.15
- Bump PORTREVISION on all ports that depend on security/gnutls and
  adjust all ports that depend on security/gnutls3
- Update mail/anubis to version 4.2 which supports gnutls 3.x
- Update mail/libvmime to a development snapshot (recommended by upstream
  developers)

PR:		191274
Exp-run by:	antoine
Approved by:	portmgr (antoine)

samba36:
	Add DOCS and EXAMPLES OPTIONS, and put the stuff in EXAMPLESDIR behind
PORTEXAMPLES.

samba4/samba41:
	Add DOCS OPTION, given that the port already tests for PORT_OPTIONS:MDOCS

Security update for Samba 3.6, 4.0 and 4.1.

PR:		190166
Security:	CVE-2014-0244
		CVE-2014-3493
		CVE-2014-0239
		CVE-2014-0178

- Fix install/package failure when DOCS option is off

This was committed in r348216 and erroneously reverted in r351659.

PR:		ports/187124
Submitted by:	sunpoet (myself)

Fix make checksum for devel/p5-Parse-Pidl

With hat:	portmgr

Convert all :U to :tu and :L to :tl

Since FreeBSD 8.4 and FreeBSD 9.1 make(1) do support :tu and :tl as a
replacement for :U and :L (which has been marked as deprecated)

bmake which is the default on FreeBSD 10+ only support by default
:tu/:tl a hack has been added at the time to support :U and :L to ease
migration. This hack is now not necessary anymore

Note that this makes the ports tree incompatible with make(1) from
FreeBSD 8.3 or earlier

With hat:	portmgr

WANT_OPENLDAP_SASL seems conflicting with ldb and it's not confirmed yet(?)
that it's necessary.

Extra STAGEDIR in post-install stage.

New version 4.1.7 of Samba4.1 port.

- Fix install/package failure when DOCS option is off

PR:		ports/187124
Submitted by:	sunpoet (myself)
Approved by:	maintainer (timeout, 14 days)

Security update:

	net/samba36 -> 3.6.23
	net/samba4  -> 4.0.16
	net/samba41 -> 4.1.6

Security:	03e48bf5-a96d-11e3-a556-3c970e169bc2

- Fix USE_PYTHON: resolve build failure for users with Python 3.x as default
python

PR:		ports/186797
Submitted by:	sunpoet (myself)
Approved by:	maintainer (timeout, 15 days)

Fixed(?) problem with the late enabling of USES+=fam.

Add new 4.1 branch of the Samba suite.

Sponsored by:	aliens