Mon May 28 19:12:29 UTC 201820180528191229

a/pkgtools-15.0-noarch-13.txz:  Rebuilt.
  installpkg: default line length for --terselength is the number of columns.
  removepkg: added --terse mode.
  upgradepkg: default line length for --terselength is the number of columns.
  upgradepkg: accept -option in addition to --option.
ap/vim-8.1.0026-x86_64-1.txz:  Upgraded.
d/bison-3.0.5-x86_64-1.txz:  Upgraded.
e/emacs-26.1-x86_64-1.txz:  Upgraded.
kde/kopete-4.14.3-x86_64-8.txz:  Rebuilt.
  Recompiled against libidn-1.35.
n/conntrack-tools-1.4.5-x86_64-1.txz:  Upgraded.
n/libnetfilter_conntrack-1.0.7-x86_64-1.txz:  Upgraded.
n/libnftnl-1.1.0-x86_64-1.txz:  Upgraded.
n/links-2.16-x86_64-2.txz:  Rebuilt.
  Rebuilt to enable X driver for -g mode.
n/lynx-2.8.9dev.19-x86_64-1.txz:  Upgraded.
n/nftables-0.8.5-x86_64-1.txz:  Upgraded.
n/p11-kit-0.23.11-x86_64-1.txz:  Upgraded.
n/ulogd-2.0.7-x86_64-1.txz:  Upgraded.
n/whois-5.3.1-x86_64-1.txz:  Upgraded.
xap/network-manager-applet-1.8.12-x86_64-1.txz:  Upgraded.
xap/vim-gvim-8.1.0026-x86_64-1.txz:  Upgraded.

519 files changed, 24488 insertions, 5630 deletions

diff --git a/source/n/FTBFSlog b/source/n/FTBFSlog
new file mode 100644
index 000000000..34153d5d8
--- /dev/null
+++ b/source/n/FTBFSlog
@@ -0,0 +1,11 @@
+Mon Feb 12 04:32:59 UTC 2018
+  All package confirmed to build from source.
++--------------------------+
+Fri Feb  2 19:33:00 UTC 2018
+  Fix all packages that fail to build from source:
+  htdig: build with -std=gnu++98 -fpermissive -fno-delete-null-pointer-checks
+  libtirpc: in xdr_sizeof.c, #include <stdint.h>
+  netkit-rwho: change getloadavg() function to rwho_getloadavg()
+  newspost: change getline() function to newspost_getline()
+  procmail: change getline() function to procmail_getline()
+  rp-pppoe: merge some Fedora patches
diff --git a/source/n/ModemManager/ModemManager.SlackBuild b/source/n/ModemManager/ModemManager.SlackBuild
index 090fdfaf2..6740f03b8 100755
--- a/source/n/ModemManager/ModemManager.SlackBuild
+++ b/source/n/ModemManager/ModemManager.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for ModemManager
 
@@ -24,9 +24,11 @@
 
 # Modified by Eric Hameleers, Eindhoven, NL
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=ModemManager
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d- | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
@@ -36,9 +38,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 OUTPUT=${OUTPUT:-/tmp}
@@ -72,7 +81,7 @@ find . \
 
 zcat $CWD/WeDoNotHaveSystemD.patch.gz | patch -p1 --verbose || exit 1
 
-CFLAGS="$SLKCFLAGS" \
+CFLAGS="$SLKCFLAGS -Wno-incompatible-pointer-types" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
   --prefix=/usr \
@@ -88,6 +97,9 @@ CXXFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
 
diff --git a/source/n/ModemManager/slack-desc b/source/n/ModemManager/slack-desc
index 7e8ca3de8..8dd384bc9 100644
--- a/source/n/ModemManager/slack-desc
+++ b/source/n/ModemManager/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
@@ -12,7 +12,7 @@ ModemManager: ModemManager provides a unified high level API for communicating w
 ModemManager: mobile broadband modems. 
 ModemManager:
 ModemManager: For more info, see:
-ModemManager:   https://www.freedesktop.org/wiki/Software/ModemManager
+ModemManager:  https://www.freedesktop.org/wiki/Software/ModemManager
 ModemManager:
 ModemManager:
 ModemManager:
diff --git a/source/n/NetworkManager/NetworkManager.SlackBuild b/source/n/NetworkManager/NetworkManager.SlackBuild
index d152c07c6..caa28ba7c 100755
--- a/source/n/NetworkManager/NetworkManager.SlackBuild
+++ b/source/n/NetworkManager/NetworkManager.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2010, 2011, 2014, 2016  Robby Workman, Northport, Alabama, USA
-# Copyright 2013, 2014, 2015, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2013, 2014, 2015, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -23,9 +23,11 @@
 
 # Modified 2011, 2012  by Eric Hameleers, Eindhoven, NL
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=NetworkManager
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
 MARCH=$( uname -m )
@@ -39,9 +41,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 OUTPUT=${OUTPUT:-/tmp}
@@ -84,6 +93,21 @@ find . \
 # Find the version number for pppd, used to specify the plugin directory:
 PPPD=$(echo /usr/lib${LIBDIRSUFFIX}/pppd/?.?.? | rev | cut -f 1 -d / | rev)
 
+# Apply bugfix patches from upstream git:
+for dfile in $CWD/patches/* ; do 
+  zcat $dfile | patch -p1 --verbose || exit 1
+done
+
+# For git-patched builds
+autoreconf -vif
+automake
+./autogen.sh
+
+# Configuring --enable-json-validation --enable-ovs requires the Jansson
+# json-c library. If there's any interest or usefulness with that, let me
+# know. The library is fairly small, but in order to actually use team
+# interfaces will probably require more stuff (not sure how much).
+
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
@@ -103,6 +127,8 @@ CXXFLAGS="$SLKCFLAGS" \
   --with-modem-manager-1=yes \
   --with-nmtui=yes \
   --disable-vala \
+  --disable-json-validation \
+  --disable-ovs \
   --with-session-tracking=consolekit \
   --with-suspend-resume=consolekit \
   --with-hostname-persist=slackware \
@@ -111,6 +137,9 @@ CXXFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
 
@@ -163,7 +192,7 @@ fi
 
 mkdir -p $PKG/install
 cat $CWD/slack-desc > $PKG/install/slack-desc
-cat $CWD/doinst.sh > $PKG/install/doinst.sh
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 
 cd $PKG
 /sbin/makepkg --prepend -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
diff --git a/source/n/NetworkManager/patches/0000-slackware-use-fqdn.diff b/source/n/NetworkManager/patches/0000-slackware-use-fqdn.diff
new file mode 100644
index 000000000..f96f580f1
--- /dev/null
+++ b/source/n/NetworkManager/patches/0000-slackware-use-fqdn.diff
@@ -0,0 +1,31 @@
+--- ./src/nm-hostname-manager.c.orig	2017-11-10 09:46:25.000000000 -0600
++++ ./src/nm-hostname-manager.c	2017-11-10 17:42:41.829996568 -0600
+@@ -134,8 +134,7 @@
+ {
+ 	gs_free char *contents = NULL;
+ 	gs_strfreev char **all_lines = NULL;
+-	char *tmp;
+-	guint i, j = 0;
++	guint i = 0;
+ 
+ 	if (!g_file_get_contents (path, &contents, NULL, NULL))
+ 		return NULL;
+@@ -145,17 +144,7 @@
+ 		g_strstrip (all_lines[i]);
+ 		if (all_lines[i][0] == '#' || all_lines[i][0] == '\0')
+ 			continue;
+-		tmp = &all_lines[i][0];
+-		/* We only want up to the first '.' -- the rest of the */
+-		/* fqdn is defined in /etc/hosts */
+-		while (tmp[j] != '\0') {
+-			if (tmp[j] == '.') {
+-				tmp[j] = '\0';
+-				break;
+-			}
+-			j++;
+-		}
+-		return g_shell_unquote (tmp, NULL);
++		return g_shell_unquote (&all_lines[i][0], NULL);
+ 	}
+ 	return NULL;
+ }
diff --git a/source/n/NetworkManager/rc.networkmanager b/source/n/NetworkManager/rc.networkmanager
index dbdf19d5b..b6b311ed1 100644
--- a/source/n/NetworkManager/rc.networkmanager
+++ b/source/n/NetworkManager/rc.networkmanager
@@ -33,7 +33,7 @@ nm_start()
   fi
 
   echo "Starting NetworkManager daemon:  $NETWORKMANAGER_BIN"
-  $NETWORKMANAGER_BIN
+  XDG_CACHE_HOME=/root/.cache $NETWORKMANAGER_BIN
 }
 
 nm_status()
diff --git a/source/n/NetworkManager/slack-desc b/source/n/NetworkManager/slack-desc
index 964960480..31e34d44c 100644
--- a/source/n/NetworkManager/slack-desc
+++ b/source/n/NetworkManager/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
               |-----handy-ruler------------------------------------------------------|
 NetworkManager: NetworkManager (Networking that Just Works)
 NetworkManager:
 NetworkManager: The point of NetworkManager is to make networking configuration and
-NetworkManager: setup as painless and automatic as possible.  NetworkManager sets IP
+NetworkManager: setup as painless and automatic as possible. NetworkManager sets IP
 NetworkManager: addresses, default routes, associating with wireless access points
 NetworkManager: or wired LANs, and other network configuration settings in a simple,
 NetworkManager: automated fashion (manual overrides are still possible).
diff --git a/source/n/alpine/alpine.SlackBuild b/source/n/alpine/alpine.SlackBuild
index 9f2a91c87..41e55c4b5 100755
--- a/source/n/alpine/alpine.SlackBuild
+++ b/source/n/alpine/alpine.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,13 +20,17 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=alpine
-VERSION=${VERSION:-2.20}
-ALPINEBUILD=${ALPINEBUILD:-2}
-IMAPDBUILD=${IMAPDBUILD:-2}
+VERSION=${VERSION:-2.21}
+ALPINEBUILD=${ALPINEBUILD:-3}
+IMAPDBUILD=${IMAPDBUILD:-1}
 PINEPGP=${PINEPGP:-0.18.0}
 
+# By default, do not build the unmaintained and possibly insecure impad:
+BUILD_IMAPD=${BUILD_IMAPD:-NO}
+
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
@@ -37,10 +41,17 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$ALPINEBUILD.txz"
+  exit 0
+fi
+
 # We don't use this below as it breaks the build.
 NUMJOBS=${NUMJOBS:-" -j6 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
@@ -56,8 +67,8 @@ fi
 
 cd $TMP
 rm -rf alpine-${VERSION}
-tar xvf $CWD/alpine-$VERSION.tar.?z* || exit 1
-cd alpine-$VERSION
+tar xvf $CWD/alpine-$VERSION.tar.xz || exit 1
+cd alpine-$VERSION || exit 1
 
 # Make sure ownerships and permissions are sane:
 chown -R root:root .
@@ -85,7 +96,7 @@ CFLAGS="$SLKCFLAGS" \
   --without-tcl \
   --program-prefix= \
   --program-suffix= \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 # Correct paths and programs in tech-notes.txt:
 ( cd doc/tech-notes
@@ -114,7 +125,7 @@ cp -a \
 cd $TMP
 rm -rf pinepgp-$PINEPGP
 tar xvf $CWD/pinepgp-$PINEPGP.tar.gz || exit 1
-cd pinepgp-$PINEPGP
+cd pinepgp-$PINEPGP || exit 1
 zcat $CWD/pinepgp-${PINEPGP}-makefile-sed-fix.diff.gz | patch -p1 --verbose || exit 1
 zcat $CWD/pinepgp.pinegpgp.in.diff.gz | patch -p1 --verbose || exit 1
 chown -R root:root .
@@ -164,16 +175,20 @@ cat $CWD/slack-desc.alpine > $PKG/install/slack-desc
 cd $PKG
 /sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$ALPINEBUILD.txz
 
+if [ "$BUILD_IMAPD" = "NO" ]; then
+  exit 0
+fi
+
 # As is customary, now build a package for the included IMAP and
 # POP3 daemons:
 PKG2=/tmp/package-imapd
 cd $TMP
 rm -rf $PKG2
 mkdir -p $PKG2
-cd alpine-$VERSION/imap
+cd alpine-$VERSION/imap || exit 1
 mkdir -p $PKG2/usr/doc/imapd-$VERSION
 cp -a \
-  CONTENTS LICENSE.txt NOTICE SUPPORT \
+  CONTENTS LICENSE* NOTICE SUPPORT* \
   $PKG2/usr/doc/imapd-$VERSION
 cat << EOF > $PKG2/usr/doc/imapd-$VERSION/additional-imap-documentation
 Additional documentation for imapd may be found in the alpine
diff --git a/source/n/alpine/alpine.manpage.diff b/source/n/alpine/alpine.manpage.diff
index c35b95e18..c5a231e8e 100644
--- a/source/n/alpine/alpine.manpage.diff
+++ b/source/n/alpine/alpine.manpage.diff
@@ -1,6 +1,6 @@
---- ./doc/alpine.1.orig	2008-03-14 18:53:39.000000000 -0500
-+++ ./doc/alpine.1	2008-08-06 20:00:13.000000000 -0500
-@@ -305,11 +305,11 @@
+--- ./doc/man1/alpine.1.orig	2017-02-05 18:06:22.535218936 -0600
++++ ./doc/man1/alpine.1	2017-03-21 12:55:47.314513532 -0500
+@@ -325,11 +325,11 @@
  .br
  /etc/mime.types	System-wide file ext. to MIME type mapping
  .br
@@ -13,5 +13,5 @@
 -/usr/local/lib/pine.conf.fixed	 Non-overridable configuration file.
 +/etc/pine.conf.fixed	 Non-overridable configuration file.
  .br
- /tmp/.\\usr\\spool\\mail\\xxxx	Per-folder mailbox lock files.
+ ~/.alpine-smime/ca	Directory that contains Certificate Authority files.
  .br
diff --git a/source/n/alpine/slack-desc.alpine b/source/n/alpine/slack-desc.alpine
index ad9f7b6fa..4f3495bbf 100644
--- a/source/n/alpine/slack-desc.alpine
+++ b/source/n/alpine/slack-desc.alpine
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
@@ -10,10 +10,10 @@ alpine: alpine (Alternatively Licensed Program for Internet News and Email)
 alpine:
 alpine: Alpine is a fast, easy to use email client that is suitable for both
 alpine: the inexperienced email user as well as for the most demanding of
-alpine: power users.  Alpine is based on the Pine(R) Message System, which
-alpine: was also developed at the University of Washington.  Alpine can be
-alpine: learned by exploration and the use of context-sensitive help.  The
+alpine: power users. Alpine is based on the Pine(R) Message System, which
+alpine: was also developed at the University of Washington. Alpine can be
+alpine: learned by exploration and the use of context-sensitive help. The
 alpine: user experience is highly customizable through the use of the Alpine
 alpine: Setup command.
 alpine:
-alpine: The Alpine site may be found here:  http://patches.freeiz.com/alpine
+alpine: The Alpine site may be found here: http://patches.freeiz.com/alpine
diff --git a/source/n/alpine/slack-desc.imapd b/source/n/alpine/slack-desc.imapd
index d52249a24..774865e53 100644
--- a/source/n/alpine/slack-desc.imapd
+++ b/source/n/alpine/slack-desc.imapd
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 imapd: imapd (IMAP4rev1 from alpine)
 imapd:
 imapd: /usr/sbin/ipop3d and /usr/sbin/imapd are servers supporting the POP3
-imapd: and IMAP remote mail access protocols.  They allow users to download
+imapd: and IMAP remote mail access protocols. They allow users to download
 imapd: mail from your Linux system for remote viewing.
 imapd:
 imapd:
diff --git a/source/n/autofs/autofs-5.0.7.tar.sign b/source/n/autofs/autofs-5.0.7.tar.sign
deleted file mode 100644
index 321e4054a..000000000
--- a/source/n/autofs/autofs-5.0.7.tar.sign
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.12 (GNU/Linux)
-
-iQIcBAABAgAGBQJQD42MAAoJEOdnc4D1T9ipQqgP/Rgv4TZ+THOwK5GzWkpw49cL
-Iyy1RgdcHYnPlohOBXQf9q5R4xkCtJ57qUWMnKaImPSDKnYUzvS3Ttg6IkdLdOET
-JwO4GrcAKf1Wf+z4eDRjMHd+wrNoau2HkIUSJLSzajExgWQ2127FmYc+GIZv3OAK
-IJac9kSqryjfVLFH5vW4TFgxN4rCMUW8dvCynSG3rSvpWT9CbXrVoKbwQCugpoj0
-tB+1nPlq51hwJjYOXNuPwVBkvtnbB9MbUN9QCtax7ORVdd8ptRBJe0K6z6efvU1G
-aoXKf/HthW+aP07Qb2D8Kz2NwArsS9b2MZMFnk0fkPW0vw3nhGqlWkHaZ72nRz+f
-clY+mv6gjZ0VIQP7/VH8f+8XGOvKipZabMmOx0gR9aEh9DxBqetti5/LHsgJhic3
-8bkXkze8qpLNtMleaPeSV3B4OUUDmGEU1+kdvPsU53eEJQGqqnvYsExhD6SfxT8d
-aksdFqvkEIfrxKxmedjEYo72NjJg/Fr4wYInW0RCEOekOunXV0sxYwZwmx/67EQ4
-PYbWxVT3iTKACa1zSyVQVPrONdXXkTwFGUY5IcRPOQ/05KHOJR8slmaOrRfya0de
-jilwKzuOxXMJlmhhPwPycoe0AEBWEzuq+pr/SX4pqJ/fnvyVbq30aVDEnJr8xHz4
-VIsuyeTjs3iSIL0UaN2c
-=/dIW
------END PGP SIGNATURE-----
diff --git a/source/n/autofs/autofs-5.1.4.tar.sign b/source/n/autofs/autofs-5.1.4.tar.sign
new file mode 100644
index 000000000..6b0e6fc67
--- /dev/null
+++ b/source/n/autofs/autofs-5.1.4.tar.sign
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJaOLoGAAoJEOdnc4D1T9ipYvIP/1O0yXKY4dFn62NEhKRhRKl8
+pRveDV2YV6tp0W1L5Q+EOl8AtBI4NZ1Xy8TsQtFIj3Zd6J0mXY6nWj7XM48OZpBk
+u0RWmRe7hb8Q85I765iGsHwG7mtc3R4UseeJrludQ9/NU2GuUBFAtP0MVEO403mj
+N1nJHLLPXWfm/TBvwDLe6POApOAcLEovYPa2AGWyEtCDQWVgJSFmDCK6cBBo3NFb
+SMo+20sxN9o+BYxmpXRwNr9kNGOF0N1wOUHDfIzfIsZp0rzsCo40D1uPDDzL9QVQ
+Tpz2zKkUbIjRPI6X45JDcpXoLJU5jth8oY/fQDfGtNKOrht3safBZe/gRCjVpTAH
+ciBfBxylsMZsRAoafrXN71bfas/SjQKegDlBkbWBWqGjsyH2aqnKbBV6YT6A73KE
+dMog0SckAmyDHb6CEHOsm4ShMDjforDdSK85gb+5B7lTHZGXp/dhCFaA2i2zWbJA
+9v6HTMThwS7NFFGYPZWqf7ev7lLWESLZWQFzX35NJR+q8yojEBS0U+p2QhdPq4M8
+xyKNo0PxnlIL+yUKHfUxz/H8+65Vq3sPyfsjaqeElvrSZI0eaok3u/hHyjPj8y5j
+YDTBdnzW84sqelK9bxKj+uNUmZBwZSvLFhyX52b9zmvtEGTkBOY93VCwNjna9Z5N
+Ol8XFh+xDXdzqwZBoN8c
+=6Zla
+-----END PGP SIGNATURE-----
diff --git a/source/n/autofs/autofs.SlackBuild b/source/n/autofs/autofs.SlackBuild
index 5441894fc..e059b1783 100755
--- a/source/n/autofs/autofs.SlackBuild
+++ b/source/n/autofs/autofs.SlackBuild
@@ -1,7 +1,6 @@
+#!/bin/bash
 
-#!/bin/sh
-
-# Copyright 2010, 2013  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2010, 2013, 2017, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,6 +20,7 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=autofs
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
@@ -31,15 +31,23 @@ NUMJOBS=${NUMJOBS:-" -j7 "}
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -52,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -64,8 +71,6 @@ rm -rf $PKGNAM-$VERSION
 tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
 cd $PKGNAM-$VERSION || exit 1
 
-zcat $CWD/autofs.sasl.diff.gz | patch -p1 -l --verbose || exit 1
-
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -81,9 +86,10 @@ CPPFLAGS="$SLKCFLAGS" \
   --prefix=/usr \
   --mandir=/usr/man \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --with-libtirpc \
   --with-openldap \
   --without-sasl \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
@@ -96,11 +102,12 @@ mv $PKG/etc/rc.d/autofs $PKG/etc/rc.d/rc.autofs.new
 chmod 644 $PKG/etc/rc.d/rc.autofs.new
 
 # Prep the config files:
-( cd $PKG/etc
-  for file in auto.master auto.misc autofs_ldap_auth.conf default/autofs ; do
-    mv $file ${file}.new
-  done
-)
+for file in auto.master auto.misc autofs.conf autofs_ldap_auth.conf default/autofs ; do
+  mv $PKG/etc/$file $PKG/etc/${file}.new
+done
+
+# Fix a typo that's harmless but ugly:
+sed -i "s/syatem/system/g" $PKG/etc/default/autofs.new
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/autofs/autofs.sasl.diff b/source/n/autofs/autofs.sasl.diff
deleted file mode 100644
index 8b451031c..000000000
--- a/source/n/autofs/autofs.sasl.diff
+++ /dev/null
@@ -1,29 +0,0 @@
-diff -Nuar autofs-5.0.7-orig/modules/lookup_ldap.c autofs-5.0.7/modules/lookup_ldap.c
---- autofs-5.0.7-orig/modules/lookup_ldap.c     2012-10-02 11:44:21.000000000 -0400
-+++ autofs-5.0.7/modules/lookup_ldap.c  2012-10-02 11:44:46.000000000 -0400
-@@ -585,10 +585,12 @@
- {
-        LDAP *ldap;
-
-+#ifdef WITH_SASL
-        if (ctxt->extern_cert && ctxt->extern_key) {
-                set_env(logopt, ENV_LDAPTLS_CERT, ctxt->extern_cert);
-                set_env(logopt, ENV_LDAPTLS_KEY, ctxt->extern_key);
-        }
-+#endif
-
-        ldap = init_ldap_connection(logopt, uri, ctxt);
-        if (ldap) {
-@@ -1385,10 +1387,12 @@
-                defaults_free_searchdns(ctxt->sdns);
-        if (ctxt->dclist)
-                free_dclist(ctxt->dclist);
-+#ifdef WITH_SASL
-        if (ctxt->extern_cert)
-                free(ctxt->extern_cert);
-        if (ctxt->extern_key)
-                free(ctxt->extern_key);
-+#endif
-        free(ctxt);
-
-        return;
diff --git a/source/n/autofs/autofs.url b/source/n/autofs/autofs.url
new file mode 100644
index 000000000..313c67e64
--- /dev/null
+++ b/source/n/autofs/autofs.url
@@ -0,0 +1 @@
+http://www.kernel.org:/pub/linux/daemons/autofs/v5
diff --git a/source/n/autofs/doinst.sh b/source/n/autofs/doinst.sh
index 0b0d80309..49b6672fe 100644
--- a/source/n/autofs/doinst.sh
+++ b/source/n/autofs/doinst.sh
@@ -19,6 +19,7 @@ fi
 
 config etc/auto.master.new
 config etc/auto.misc.new
+config etc/autofs.conf.new
 config etc/autofs_ldap_auth.conf.new
 config etc/default/autofs.new
 
diff --git a/source/n/autofs/slack-desc b/source/n/autofs/slack-desc
index a7af6c0b2..776958f82 100644
--- a/source/n/autofs/slack-desc
+++ b/source/n/autofs/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
 autofs: autofs (kernel-based automounter)
 autofs:
-autofs: autofs is a kernel-based automounter for Linux.  It performs a job
+autofs: autofs is a kernel-based automounter for Linux. It performs a job
 autofs: similar to amd(8) but relies on a small stub of kernel code instead of
-autofs: pretending to be an NFS server.  The result is simpler code, better
+autofs: pretending to be an NFS server. The result is simpler code, better
 autofs: reliability, and much faster operation in the common case (everything
 autofs: already mounted.)
 autofs:
diff --git a/source/n/biff+comsat/biff+comsat.SlackBuild b/source/n/biff+comsat/biff+comsat.SlackBuild
index f177bfc17..b2e117414 100755
--- a/source/n/biff+comsat/biff+comsat.SlackBuild
+++ b/source/n/biff+comsat/biff+comsat.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,20 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=biff+comsat
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-biff+comsat
 
diff --git a/source/n/biff+comsat/slack-desc b/source/n/biff+comsat/slack-desc
index 1c27bf328..818b99f77 100644
--- a/source/n/biff+comsat/slack-desc
+++ b/source/n/biff+comsat/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
            |-----handy-ruler------------------------------------------------------|
 biff+comsat: biff+comsat (mail arrival notification daemon)
 biff+comsat:
 biff+comsat: Comsat is the server process which receives reports of incoming mail
-biff+comsat: and notifies users if they have requested this service.  "biff" is
+biff+comsat: and notifies users if they have requested this service. "biff" is
 biff+comsat: the program that requests comsat service "biff y", and may be placed
 biff+comsat: in a user's startup file if they'd like to hear a beep and trash
-biff+comsat: their console with each new piece of junk mail.  ;-)
+biff+comsat: their console with each new piece of junk mail. ;-)
 biff+comsat:
 biff+comsat: Biff was the name of Heidi Stettner's dog, who barked when the
-biff+comsat: mailman came.  Biff was well known to many of the early BSD developers
+biff+comsat: mailman came. Biff was well known to many of the early BSD developers
 biff+comsat: living in Evans Hall at U.C. Berkeley.
diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild
index 13d9cdd7a..a5e162459 100755
--- a/source/n/bind/bind.SlackBuild
+++ b/source/n/bind/bind.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=bind
-VERSION=${VERSION:-9.10.4-P1}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-9.11.3}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,10 +36,17 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
-TMP=/bind-$(mcookie)
+TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
 mkdir -p $TMP $PKG/etc/default
@@ -64,6 +72,9 @@ cd ${PKGNAM}-$VERSION || exit 1
 # upstream already, but an explicit #undef SO_BSDCOMPAT does not hurt:
 zcat $CWD/bind.so_bsdcompat.diff.gz | patch -p1 --verbose || exit
 
+# Thanks to Fedora for libidn support patch:
+zcat $CWD/bind.libidn.patch.gz | patch -p1 --verbose || exit 1
+
 # Make sure ownerships and permissions are sane:
 chown -R root:root .
 find . \
@@ -80,7 +91,6 @@ CFLAGS="$SLKCFLAGS" \
   --sysconfdir=/etc \
   --localstatedir=/var \
   --with-libtool \
-  --with-idn=/usr \
   --mandir=/usr/man \
   --enable-shared \
   --disable-static \
@@ -92,6 +102,9 @@ CFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 # We like symlinks.
 ( cd $PKG/usr/sbin
   ln -sf named lwresd
diff --git a/source/n/bind/bind.libidn.patch b/source/n/bind/bind.libidn.patch
new file mode 100644
index 000000000..6e042be74
--- /dev/null
+++ b/source/n/bind/bind.libidn.patch
@@ -0,0 +1,297 @@
+diff --git a/bin/dig/Makefile.in b/bin/dig/Makefile.in
+index bd219c5..f71685b 100644
+--- a/bin/dig/Makefile.in
++++ b/bin/dig/Makefile.in
+@@ -38,10 +38,10 @@ DEPLIBS =	${DNSDEPLIBS} ${BIND9DEPLIBS} ${ISCDEPLIBS} \
+ 		${ISCCFGDEPLIBS} ${LWRESDEPLIBS}
+ 
+ LIBS =		${LWRESLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
+-		${ISCLIBS} @IDNLIBS@ @LIBS@
++		${ISCLIBS} @IDNLIBS@ @LIBS@ -lidn
+ 
+ NOSYMLIBS =	${LWRESLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
+-		${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@
++		${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ -lidn
+ 
+ SUBDIRS =
+ 
+@@ -59,6 +59,8 @@ HTMLPAGES =	dig.html host.html nslookup.html
+ 
+ MANOBJS =	${MANPAGES} ${HTMLPAGES}
+ 
++EXT_CFLAGS = -DWITH_LIBIDN
++
+ @BIND9_MAKE_RULES@
+ 
+ dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS}
+diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook
+index 7a7e8e4..b36047f 100644
+--- a/bin/dig/dig.docbook
++++ b/bin/dig/dig.docbook
+@@ -1251,8 +1251,8 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
+       <command>dig</command> appropriately converts character encoding of
+       domain name before sending a request to DNS server or displaying a
+       reply from the server.
+-      If you'd like to turn off the IDN support for some reason, defines
+-      the <envar>IDN_DISABLE</envar> environment variable.
++      If you'd like to turn off the IDN support for some reason, define
++      the <envar>CHARSET=ASCII</envar> environment variable.
+       The IDN support is disabled if the variable is set when
+       <command>dig</command> runs.
+     </para>
+diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
+index 1f8bcf2..f657c30 100644
+--- a/bin/dig/dighost.c
++++ b/bin/dig/dighost.c
+@@ -33,6 +33,11 @@
+ #include <idn/api.h>
+ #endif
+ 
++#ifdef WITH_LIBIDN
++#include <stringprep.h>
++#include <idna.h>
++#endif
++
+ #include <dns/byaddr.h>
+ #ifdef DIG_SIGCHASE
+ #include <dns/callbacks.h>
+@@ -158,6 +163,14 @@ static void		idn_check_result(idn_result_t r, const char *msg);
+ int  idnoptions	= 0;
+ #endif
+ 
++#ifdef WITH_LIBIDN
++static isc_result_t	libidn_locale_to_utf8 (const char* from, char *to);
++static isc_result_t	libidn_utf8_to_ascii (const char* from, char *to);
++static isc_result_t	output_filter (isc_buffer_t *buffer,
++				       unsigned int used_org,
++				       isc_boolean_t absolute);
++#endif
++
+ isc_socket_t *keep = NULL;
+ isc_sockaddr_t keepaddr;
+ 
+@@ -1448,8 +1461,15 @@ setup_system(isc_boolean_t ipv4only, isc_boolean_t ipv6only) {
+ 
+ #ifdef WITH_IDN
+ 	initialize_idn();
++	
++#endif
++#ifdef WITH_LIBIDN
++	result = dns_name_settotextfilter(output_filter);
++	check_result(result, "dns_name_settotextfilter");
++#ifdef HAVE_SETLOCALE
++	setlocale (LC_ALL, "");
++#endif
+ #endif
+-
+ 	if (keyfile[0] != 0)
+ 		setup_file_key();
+ 	else if (keysecret[0] != 0)
+@@ -2231,8 +2251,11 @@ setup_lookup(dig_lookup_t *lookup) {
+ 	idn_result_t mr;
+ 	char utf8_textname[MXNAME], utf8_origin[MXNAME], idn_textname[MXNAME];
+ #endif
++#ifdef WITH_LIBIDN
++	char utf8_str[MXNAME], utf8_name[MXNAME], ascii_name[MXNAME];
++#endif
+ 
+-#ifdef WITH_IDN
++#if defined (WITH_IDN) || defined (WITH_LIBIDN)
+ 	result = dns_name_settotextfilter(lookup->idnout ?
+ 					  output_filter : NULL);
+ 	check_result(result, "dns_name_settotextfilter");
+@@ -2274,6 +2297,14 @@ setup_lookup(dig_lookup_t *lookup) {
+ 	mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textname,
+ 			    utf8_textname, sizeof(utf8_textname));
+ 	idn_check_result(mr, "convert textname to UTF-8");
++#elif defined (WITH_LIBIDN)
++	result = libidn_locale_to_utf8 (lookup->textname, utf8_str);
++	check_result (result, "convert textname to UTF-8");
++	len = strlen (utf8_str);
++	if (len < MXNAME)
++		(void) strcpy (utf8_name, utf8_str);
++	else
++		fatal ("Too long name");
+ #endif
+ 
+ 	/*
+@@ -2286,15 +2317,11 @@ setup_lookup(dig_lookup_t *lookup) {
+ 	if (lookup->new_search) {
+ #ifdef WITH_IDN
+ 		if ((count_dots(utf8_textname) >= ndots) || !usesearch) {
+-			lookup->origin = NULL; /* Force abs lookup */
+-			lookup->done_as_is = ISC_TRUE;
+-			lookup->need_search = usesearch;
+-		} else if (lookup->origin == NULL && usesearch) {
+-			lookup->origin = ISC_LIST_HEAD(search_list);
+-			lookup->need_search = ISC_FALSE;
+-		}
++#elif defined (WITH_LIBIDN)
++		if ((count_dots(utf8_name) >= ndots) || !usesearch) {
+ #else
+ 		if ((count_dots(lookup->textname) >= ndots) || !usesearch) {
++#endif
+ 			lookup->origin = NULL; /* Force abs lookup */
+ 			lookup->done_as_is = ISC_TRUE;
+ 			lookup->need_search = usesearch;
+@@ -2302,7 +2329,6 @@ setup_lookup(dig_lookup_t *lookup) {
+ 			lookup->origin = ISC_LIST_HEAD(search_list);
+ 			lookup->need_search = ISC_FALSE;
+ 		}
+-#endif
+ 	}
+ 
+ #ifdef WITH_IDN
+@@ -2319,6 +2345,20 @@ setup_lookup(dig_lookup_t *lookup) {
+ 			    IDN_IDNCONV | IDN_LENCHECK, utf8_textname,
+ 			    idn_textname, sizeof(idn_textname));
+ 	idn_check_result(mr, "convert UTF-8 textname to IDN encoding");
++#elif defined (WITH_LIBIDN)
++	if (lookup->origin != NULL) {
++		result = libidn_locale_to_utf8 (lookup->origin->origin, utf8_str);
++		check_result (result, "convert origin to UTF-8");
++		if (len > 0 && utf8_name[len - 1] != '.') {
++			utf8_name[len++] = '.';
++			if (len + strlen (utf8_str) < MXNAME)
++				(void) strcpy (utf8_name + len, utf8_str);
++			else
++				fatal ("Too long name + origin");
++		}
++	}
++
++	result = libidn_utf8_to_ascii (utf8_name, ascii_name);
+ #else
+ 	if (lookup->origin != NULL) {
+ 		debug("trying origin %s", lookup->origin->origin);
+@@ -2389,6 +2429,13 @@ setup_lookup(dig_lookup_t *lookup) {
+ 			result = dns_name_fromtext(lookup->name, &b,
+ 						   dns_rootname, 0,
+ 						   &lookup->namebuf);
++#elif defined (WITH_LIBIDN)
++			len = strlen (ascii_name);
++			isc_buffer_init(&b, ascii_name, len);
++			isc_buffer_add(&b, len);
++			result = dns_name_fromtext(lookup->name, &b,
++						   dns_rootname, 0,
++						   &lookup->namebuf);
+ #else
+ 			len = (unsigned int) strlen(lookup->textname);
+ 			isc_buffer_init(&b, lookup->textname, len);
+@@ -4377,7 +4424,7 @@ destroy_libs(void) {
+ 	void * ptr;
+ 	dig_message_t *chase_msg;
+ #endif
+-#ifdef WITH_IDN
++#if defined (WITH_IDN) || defined (WITH_LIBIDN)
+ 	isc_result_t result;
+ #endif
+ 
+@@ -4418,6 +4465,10 @@ destroy_libs(void) {
+ 	result = dns_name_settotextfilter(NULL);
+ 	check_result(result, "dns_name_settotextfilter");
+ #endif
++#ifdef WITH_LIBIDN
++	result = dns_name_settotextfilter (NULL);
++	check_result(result, "clearing dns_name_settotextfilter");
++#endif
+ 	dns_name_destroy();
+ 
+ 	if (commctx != NULL) {
+@@ -4603,6 +4654,97 @@ idn_check_result(idn_result_t r, const char *msg) {
+ 	}
+ }
+ #endif /* WITH_IDN */
++#ifdef WITH_LIBIDN
++static isc_result_t
++libidn_locale_to_utf8 (const char *from, char *to) {
++	char *utf8_str;
++
++	debug ("libidn_locale_to_utf8");
++	utf8_str = stringprep_locale_to_utf8 (from);
++	if (utf8_str != NULL) {
++		(void) strcpy (to, utf8_str);
++		free (utf8_str);
++		return ISC_R_SUCCESS;
++	}
++
++	debug ("libidn_locale_to_utf8: failure");
++	return ISC_R_FAILURE;
++}
++static isc_result_t
++libidn_utf8_to_ascii (const char *from, char *to) {
++	char *ascii;
++	int iresult;
++
++	debug ("libidn_utf8_to_ascii");
++	iresult = idna_to_ascii_8z (from, &ascii, 0);
++	if (iresult != IDNA_SUCCESS) {
++		debug ("idna_to_ascii_8z: %s", idna_strerror (iresult));
++		return ISC_R_FAILURE;
++	}
++
++	(void) strcpy (to, ascii);
++	free (ascii);
++	return ISC_R_SUCCESS;
++}
++
++static isc_result_t
++output_filter (isc_buffer_t *buffer, unsigned int used_org,
++	       isc_boolean_t absolute) {
++
++	char tmp1[MXNAME], *tmp2;
++        size_t fromlen, tolen;
++        isc_boolean_t end_with_dot;
++	int iresult;
++
++	debug ("output_filter");
++
++        fromlen = isc_buffer_usedlength (buffer) - used_org;
++	if (fromlen >= MXNAME)
++		return ISC_R_SUCCESS;
++        memcpy (tmp1, (char *) isc_buffer_base (buffer) + used_org, fromlen);
++        end_with_dot = (tmp1[fromlen - 1] == '.') ? ISC_TRUE : ISC_FALSE;
++        if (absolute && !end_with_dot) {
++                fromlen++;
++		if (fromlen >= MXNAME)
++			return ISC_R_SUCCESS;
++                tmp1[fromlen - 1] = '.';
++        }
++        tmp1[fromlen] = '\0';
++
++	iresult = idna_to_unicode_8z8z (tmp1, &tmp2, 0);
++	if (iresult != IDNA_SUCCESS) {
++		debug ("output_filter: %s", idna_strerror (iresult));
++		return ISC_R_SUCCESS;
++	}
++
++	(void) strcpy (tmp1, tmp2);
++	free (tmp2);
++
++	tmp2 = stringprep_utf8_to_locale (tmp1);
++	if (tmp2 == NULL) {
++		debug ("output_filter: stringprep_utf8_to_locale failed");
++		return ISC_R_SUCCESS;
++	}
++
++	(void) strcpy (tmp1, tmp2);
++	free (tmp2);
++
++        tolen = strlen (tmp1);
++        if (absolute && !end_with_dot && tmp1[tolen - 1] == '.')
++                tolen--;
++
++        if (isc_buffer_length (buffer) < used_org + tolen)
++                return ISC_R_NOSPACE;
++
++	debug ("%s", tmp1);
++
++        isc_buffer_subtract (buffer, isc_buffer_usedlength (buffer) - used_org);
++        memcpy (isc_buffer_used (buffer), tmp1, tolen);
++        isc_buffer_add (buffer, tolen);
++
++        return ISC_R_SUCCESS;
++}
++#endif /* WITH_LIBIDN*/
+ 
+ #ifdef DIG_SIGCHASE
+ void
diff --git a/source/n/bind/caching-example/named.root b/source/n/bind/caching-example/named.root
index 9cc20228c..86cd81528 100644
--- a/source/n/bind/caching-example/named.root
+++ b/source/n/bind/caching-example/named.root
@@ -1,90 +1,92 @@
-;       This file holds the information on root name servers needed to
+;       This file holds the information on root name servers needed to 
 ;       initialize cache of Internet domain name servers
 ;       (e.g. reference this file in the "cache  .  <file>"
-;       configuration file of BIND domain name servers).
-;
+;       configuration file of BIND domain name servers). 
+; 
 ;       This file is made available by InterNIC 
 ;       under anonymous FTP as
-;           file                /domain/named.cache
+;           file                /domain/named.cache 
 ;           on server           FTP.INTERNIC.NET
 ;       -OR-                    RS.INTERNIC.NET
-;
-;       last update:    November 05, 2014
-;       related version of root zone:   2014110501
-;
-; formerly NS.INTERNIC.NET
+; 
+;       last update:     July 26, 2017 
+;       related version of root zone:     2017072601
+; 
+; FORMERLY NS.INTERNIC.NET 
 ;
 .                        3600000      NS    A.ROOT-SERVERS.NET.
 A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
 A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
-;
-; FORMERLY NS1.ISI.EDU
+; 
+; FORMERLY NS1.ISI.EDU 
 ;
 .                        3600000      NS    B.ROOT-SERVERS.NET.
 B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
-B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:84::b
-;
-; FORMERLY C.PSI.NET
+B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b
+; 
+; FORMERLY C.PSI.NET 
 ;
 .                        3600000      NS    C.ROOT-SERVERS.NET.
 C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
 C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c
-;
-; FORMERLY TERP.UMD.EDU
+; 
+; FORMERLY TERP.UMD.EDU 
 ;
 .                        3600000      NS    D.ROOT-SERVERS.NET.
 D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
 D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d
-;
+; 
 ; FORMERLY NS.NASA.GOV
 ;
 .                        3600000      NS    E.ROOT-SERVERS.NET.
 E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
-;
+E.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:a8::e
+; 
 ; FORMERLY NS.ISC.ORG
 ;
 .                        3600000      NS    F.ROOT-SERVERS.NET.
 F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
 F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
-;
+; 
 ; FORMERLY NS.NIC.DDN.MIL
 ;
 .                        3600000      NS    G.ROOT-SERVERS.NET.
 G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
-;
+G.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:12::d0d
+; 
 ; FORMERLY AOS.ARL.ARMY.MIL
 ;
 .                        3600000      NS    H.ROOT-SERVERS.NET.
-H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
-H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803f:235
-;
+H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
+H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
+; 
 ; FORMERLY NIC.NORDU.NET
 ;
 .                        3600000      NS    I.ROOT-SERVERS.NET.
 I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
 I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53
-;
+; 
 ; OPERATED BY VERISIGN, INC.
 ;
 .                        3600000      NS    J.ROOT-SERVERS.NET.
 J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
 J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30
-;
+; 
 ; OPERATED BY RIPE NCC
 ;
 .                        3600000      NS    K.ROOT-SERVERS.NET.
 K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
 K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
-;
+; 
 ; OPERATED BY ICANN
 ;
 .                        3600000      NS    L.ROOT-SERVERS.NET.
 L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
-L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
-;
+L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:9f::42
+; 
 ; OPERATED BY WIDE
 ;
 .                        3600000      NS    M.ROOT-SERVERS.NET.
 M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
 M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
-; End of file
+; End of file
\ No newline at end of file
diff --git a/source/n/bind/slack-desc b/source/n/bind/slack-desc
index 9e9b15d11..b4fcc8250 100644
--- a/source/n/bind/slack-desc
+++ b/source/n/bind/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 bind: bind (DNS server and utilities)
 bind:
 bind: The named daemon and support utilities such as dig, host, and
-bind: nslookup.  Sample configuration files for running a simple caching
-bind: nameserver are included.  Documentation for advanced name server
+bind: nslookup. Sample configuration files for running a simple caching
+bind: nameserver are included. Documentation for advanced name server
 bind: setup can be found in /usr/doc/bind-9.x.x/.
 bind:
 bind:
diff --git a/source/n/bluez-firmware/bluez-firmware.SlackBuild b/source/n/bluez-firmware/bluez-firmware.SlackBuild
index 26a9051b5..7249b645e 100755
--- a/source/n/bluez-firmware/bluez-firmware.SlackBuild
+++ b/source/n/bluez-firmware/bluez-firmware.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,25 +20,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=bluez-firmware
 VERSION=${VERSION:-1.2}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -47,7 +56,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
diff --git a/source/n/bluez-firmware/slack-desc b/source/n/bluez-firmware/slack-desc
index ff96de6b5..f9cb90233 100644
--- a/source/n/bluez-firmware/slack-desc
+++ b/source/n/bluez-firmware/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
               |-----handy-ruler------------------------------------------------------|
@@ -11,7 +11,7 @@ bluez-firmware:
 bluez-firmware: The bluez-firmware package contains firmware needed by various
 bluez-firmware: chipsets to support Bluetooth(TM) on Linux.
 bluez-firmware:
-bluez-firmware: For more info, visit:  http://www.bluez.org
+bluez-firmware: For more info, visit: http://www.bluez.org
 bluez-firmware:
 bluez-firmware:
 bluez-firmware:
diff --git a/source/n/bluez/bluez.SlackBuild b/source/n/bluez/bluez.SlackBuild
index 3dbd00f7e..8fc07365c 100755
--- a/source/n/bluez/bluez.SlackBuild
+++ b/source/n/bluez/bluez.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2009, 2010, 2011, 2012, 2013, 2016  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2009, 2010, 2011, 2012, 2013, 2016, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=bluez
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-3}
 
 NUMJOBS=${NUMJOBS:--j7}
 
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -58,7 +67,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/${PKGNAM}-${VERSION}.tar.xz || exit 1
+tar xvf $CWD/${PKGNAM}-${VERSION}.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
@@ -69,10 +78,27 @@ find . \
 
 zcat $CWD/bluez-5.30-obexd_without_systemd-1.patch.gz | patch -p1 --verbose || exit 1
 
+# Fix bluetoothd crashes:
+zcat $CWD/gatt_fix_crash.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/refresh_adv_manager_for_non-LE_devices.diff.gz | patch -p1 --verbose || exit 1
+
 autoreconf -vif
 
 sed -i -e 's|-lreadline|\0 -lncursesw|g' Makefile.{in,tools}
 
+# We're adding --enable-deprecated due to this commit: 
+#
+# commit b1eb2c4cd057624312e0412f6c4be000f7fc3617
+#Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+#Date:   Wed Jan 4 14:23:58 2017 +0200
+#
+#    build: Hide deprecated tools under --enable-deprecated
+#    
+#    This marks the following tools as deprecated as they are not longer
+#    maintained or have been replaced by other tools:
+#    
+#      hciattach hciconfig hcitool hcidump rfcomm sdptool ciptool gatttool
+
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 LDFLAGS="-L/usr/lib$LIBDIRSUFFIX" \
@@ -85,11 +111,15 @@ LDFLAGS="-L/usr/lib$LIBDIRSUFFIX" \
   --docdir=/usr/doc/${PKGNAM}-${VERSION} \
   --enable-library \
   --disable-systemd \
+  --enable-deprecated \
   --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 # Use reset=1 for the btusb module, which supposedly fixes reconnect problems:
 mkdir -p $PKG/lib/modprobe.d
 cp -a $CWD/btusb.conf $PKG/lib/modprobe.d
@@ -105,7 +135,6 @@ mkdir -p $PKG/etc/bluetooth $PKG/etc/default
 cat src/main.conf > $PKG/etc/bluetooth/main.conf.new
 cat profiles/input/input.conf > $PKG/etc/bluetooth/input.conf.new
 cat profiles/network/network.conf > $PKG/etc/bluetooth/network.conf.new
-cat profiles/proximity/proximity.conf > $PKG/etc/bluetooth/proximity.conf.new
 cat $CWD/config/uart.conf > $PKG/etc/bluetooth/uart.conf.new
 cat $CWD/config/defaultconfig > $PKG/etc/default/bluetooth.new
 
@@ -117,6 +146,13 @@ cat $CWD/config/rc.bluetooth > $PKG/etc/rc.d/rc.bluetooth.new
 # script is not executable:
 chmod 755 $PKG/etc/rc.d/rc.bluetooth.new
 
+# If the deprecated utility gatttool was built, go ahead and install it:
+if [ -x attrib/gatttool ]; then
+  cp attrib/gatttool $PKG/usr/bin
+  chown root:root $PKG/usr/bin/gatttool
+  chmod 755 $PKG/usr/bin/gatttool
+fi
+
 # Compress and if needed symlink the man pages:
 if [ -d $PKG/usr/man ]; then
   ( cd $PKG/usr/man
diff --git a/source/n/bluez/doinst.sh b/source/n/bluez/doinst.sh
index 7fc213834..796630fd2 100644
--- a/source/n/bluez/doinst.sh
+++ b/source/n/bluez/doinst.sh
@@ -21,7 +21,6 @@ config etc/rc.d/rc.bluetooth.new
 config etc/bluetooth/input.conf.new
 config etc/bluetooth/main.conf.new
 config etc/bluetooth/network.conf.new
-config etc/bluetooth/proximity.conf.new
 config etc/bluetooth/uart.conf.new
 config etc/default/bluetooth.new
 
diff --git a/source/n/bluez/gatt_fix_crash.diff b/source/n/bluez/gatt_fix_crash.diff
new file mode 100644
index 000000000..d05785252
--- /dev/null
+++ b/source/n/bluez/gatt_fix_crash.diff
@@ -0,0 +1,43 @@
+From e10c204e1226e94a1eaaeaee076e7e2e5b13c504 Mon Sep 17 00:00:00 2001
+From: Szymon Janc <szymon.janc@codecoup.pl>
+Date: Wed, 4 Apr 2018 09:28:56 +0200
+Subject: gatt: Fix crash with BR/EDR only adapter
+
+adapter->database can be NULL if controller is BR/EDR only or LE was
+disabled. Make btd_gatt_database_restore_svc_chng_ccc accept NULL
+pointer and silently ignore it similiar to rest of btd_gatt_database
+API.
+
+Invalid read of size 8
+   at 0x164DCB: btd_gatt_database_restore_svc_chng_ccc (src/bluez-git/src/bluetoothd)
+   by 0x17B70F: read_info_complete (src/bluez-git/src/bluetoothd)
+   by 0x1A7E58: request_complete (src/bluez-git/src/bluetoothd)
+   by 0x1A89AD: can_read_data (src/bluez-git/src/bluetoothd)
+   by 0x1B5752: watch_callback (src/bluez-git/src/bluetoothd)
+   by 0x4E852C5: g_main_context_dispatch (in /usr/lib/libglib-2.0.so.0.5600.0)
+   by 0x4E856A0: ??? (in /usr/lib/libglib-2.0.so.0.5600.0)
+   by 0x4E859D1: g_main_loop_run (in /usr/lib/libglib-2.0.so.0.5600.0)
+   by 0x125058: main (src/bluez-git/src/bluetoothd)
+ Address 0x40 is not stack'd, malloc'd or (recently) free'd
+---
+ src/gatt-database.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/gatt-database.c b/src/gatt-database.c
+index 1cdc72e..0ac5b75 100644
+--- a/src/gatt-database.c
++++ b/src/gatt-database.c
+@@ -3330,6 +3330,9 @@ void btd_gatt_database_restore_svc_chng_ccc(struct btd_gatt_database *database)
+ 	uint8_t value[4];
+ 	uint16_t handle, ccc_handle;
+ 
++	if (!database)
++		return;
++
+ 	handle = gatt_db_attribute_get_handle(database->svc_chngd);
+ 	ccc_handle = gatt_db_attribute_get_handle(database->svc_chngd_ccc);
+ 
+-- 
+cgit v1.1
+
+
diff --git a/source/n/bluez/refresh_adv_manager_for_non-LE_devices.diff b/source/n/bluez/refresh_adv_manager_for_non-LE_devices.diff
new file mode 100644
index 000000000..922d9d383
--- /dev/null
+++ b/source/n/bluez/refresh_adv_manager_for_non-LE_devices.diff
@@ -0,0 +1,52 @@
+From 2c3bba7b38be03834162e34069156f1fd49f0528 Mon Sep 17 00:00:00 2001
+From: "antoine.belvire@laposte.net" <antoine.belvire@laposte.net>
+Date: Tue, 27 Mar 2018 20:30:26 +0200
+Subject: adapter: Don't refresh adv_manager for non-LE devices
+
+btd_adv_manager_refresh is called upon MGMT_SETTING_DISCOVERABLE setting change
+but as only LE adapters have an adv_manager, this leads to segmentation fault
+for non-LE devices:
+
+0  btd_adv_manager_refresh (manager=0x0) at src/advertising.c:1176
+1  0x0000556fe45fcb02 in settings_changed (settings=<optimized out>,
+    adapter=0x556fe53f7c70) at src/adapter.c:543
+2  new_settings_callback (index=<optimized out>, length=<optimized out>,
+    param=<optimized out>, user_data=0x556fe53f7c70) at src/adapter.c:573
+3  0x0000556fe462c278 in request_complete (mgmt=mgmt@entry=0x556fe53f20c0,
+    status=<optimized out>, opcode=opcode@entry=7, index=index@entry=0,
+    length=length@entry=4, param=0x556fe53eb5f9) at src/shared/mgmt.c:261
+4  0x0000556fe462cd9d in can_read_data (io=<optimized out>,
+    user_data=0x556fe53f20c0) at src/shared/mgmt.c:353
+5  0x0000556fe46396e3 in watch_callback (channel=<optimized out>,
+    cond=<optimized out>, user_data=<optimized out>)
+    at src/shared/io-glib.c:170
+6  0x00007fe351c980e5 in g_main_context_dispatch ()
+   from /usr/lib64/libglib-2.0.so.0
+7  0x00007fe351c984b0 in ?? () from /usr/lib64/libglib-2.0.so.0
+8  0x00007fe351c987c2 in g_main_loop_run () from /usr/lib64/libglib-2.0.so.0
+9  0x0000556fe45abc75 in main (argc=<optimized out>, argv=<optimized out>)
+    at src/main.c:770
+
+This commit prevents the call to btd_adv_manager_refresh for non-LE devices.
+---
+ src/adapter.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/adapter.c b/src/adapter.c
+index 6b9222b..daccfdc 100644
+--- a/src/adapter.c
++++ b/src/adapter.c
+@@ -540,7 +540,8 @@ static void settings_changed(struct btd_adapter *adapter, uint32_t settings)
+ 		g_dbus_emit_property_changed(dbus_conn, adapter->path,
+ 					ADAPTER_INTERFACE, "Discoverable");
+ 		store_adapter_info(adapter);
+-		btd_adv_manager_refresh(adapter->adv_manager);
++		if (adapter->supported_settings & MGMT_SETTING_LE)
++			btd_adv_manager_refresh(adapter->adv_manager);
+ 	}
+ 
+ 	if (changed_mask & MGMT_SETTING_BONDABLE) {
+-- 
+cgit v1.1
+
+
diff --git a/source/n/bluez/slack-desc b/source/n/bluez/slack-desc
index 607fa4d96..701f77c52 100644
--- a/source/n/bluez/slack-desc
+++ b/source/n/bluez/slack-desc
@@ -1,18 +1,18 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 bluez: bluez (Bluetooth libraries and utilities)
 bluez:
 bluez: Bluez is the Bluetooth stack for Linux, allowing Bluetooth adaptors
-bluez: and devices to be used with Linux.  This package contains the Bluez
+bluez: and devices to be used with Linux. This package contains the Bluez
 bluez: libraries, utilities, and other support files.
 bluez: 
-bluez: For more info, visit:  http://www.bluez.org
+bluez: For more info, visit: http://www.bluez.org
 bluez:
 bluez:
 bluez:
diff --git a/source/n/bootp/bootp.SlackBuild b/source/n/bootp/bootp.SlackBuild
index b3d74cf8a..d3c89ee7e 100755
--- a/source/n/bootp/bootp.SlackBuild
+++ b/source/n/bootp/bootp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,22 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=bootp
 VERSION=${VERSION:-2.4.3}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-bootp
 
diff --git a/source/n/bootp/slack-desc b/source/n/bootp/slack-desc
index bc837a349..795a1d7c7 100644
--- a/source/n/bootp/slack-desc
+++ b/source/n/bootp/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/bridge-utils/bridge-utils.SlackBuild b/source/n/bridge-utils/bridge-utils.SlackBuild
index 4431da200..fc001d78e 100755
--- a/source/n/bridge-utils/bridge-utils.SlackBuild
+++ b/source/n/bridge-utils/bridge-utils.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=bridge-utils
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
@@ -32,9 +34,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
diff --git a/source/n/bridge-utils/slack-desc b/source/n/bridge-utils/slack-desc
index 266b6ce77..f588ecd96 100644
--- a/source/n/bridge-utils/slack-desc
+++ b/source/n/bridge-utils/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
 bridge-utils: bridge-utils (network Ethernet bridging utilities)
 bridge-utils:
 bridge-utils: This package contains utilities for configuring Linux Ethernet
-bridge-utils: bridges.  The Linux Ethernet bridge can be used for connecting
-bridge-utils: multiple Ethernet devices together.  The connecting is fully
-bridge-utils: transparent.  Hosts connected to one Ethernet device see hosts
+bridge-utils: bridges. The Linux Ethernet bridge can be used for connecting
+bridge-utils: multiple Ethernet devices together. The connecting is fully
+bridge-utils: transparent. Hosts connected to one Ethernet device see hosts
 bridge-utils: connected through a bridge to the other Ethernet devices directly.
 bridge-utils:
 bridge-utils: bridge-utils was written by Stephen Hemminger and Lennert Buytenhek.
diff --git a/source/n/bsd-finger/bsd-finger-0.16-allocbroken.patch b/source/n/bsd-finger/bsd-finger-0.16-allocbroken.patch
new file mode 100644
index 000000000..84519c343
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.16-allocbroken.patch
@@ -0,0 +1,18 @@
+--- bsd-finger-0.16/finger/util.c.broken	Wed May 31 16:56:46 2000
++++ bsd-finger-0.16/finger/util.c	Wed May 31 16:57:45 2000
+@@ -350,6 +350,7 @@
+ 		eprintf("finger: Out of space.\n");
+ 		exit(1);
+ 	}
++	memset(p, 0, sizeof(PERSON));
+ 	return(p);
+ }
+ 
+@@ -362,6 +363,7 @@
+ 		eprintf("finger: Out of space.\n");
+ 		exit(1);
+ 	}
++	memset(w, 0, sizeof(WHERE));
+ 	if (pn->whead == NULL)
+ 		pn->whead = pn->wtail = w;
+ 	else {
diff --git a/source/n/bsd-finger/bsd-finger-0.16-pts.patch b/source/n/bsd-finger/bsd-finger-0.16-pts.patch
new file mode 100644
index 000000000..abae793ed
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.16-pts.patch
@@ -0,0 +1,16 @@
+--- bsd-finger-0.16/finger/util.c.pts	Tue Sep 28 18:53:58 1999
++++ bsd-finger-0.16/finger/util.c	Tue Dec 21 14:12:56 1999
+@@ -71,8 +71,13 @@
+ 	}
+ 	snprintf(tbuf, TBUFLEN, "%s/%s", _PATH_DEV, w->tty);
+ 	if (stat(tbuf, &sb) < 0) {
++	    switch (errno) {
++	    case ENOENT:
++		break;
++	    default:
+ 		eprintf("finger: %s: %s\n", tbuf, strerror(errno));
+ 		return;
++	    }
+ 	}
+ 	w->idletime = now < sb.st_atime ? 0 : now - sb.st_atime;
+ 
diff --git a/source/n/bsd-finger/bsd-finger-0.17-coverity-bugs.patch b/source/n/bsd-finger/bsd-finger-0.17-coverity-bugs.patch
new file mode 100644
index 000000000..06e38ed00
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-coverity-bugs.patch
@@ -0,0 +1,468 @@
+From 88971a0a5660805f71ba8696e9291eaee822d996 Mon Sep 17 00:00:00 2001
+From: Tomas Hozza <thozza@redhat.com>
+Date: Fri, 8 Feb 2013 15:12:32 +0100
+Subject: [PATCH 1/4] OVERRUN (CWE-119)
+
+Coverity output:
+bsd-finger-0.17/finger/util.c:392: cond_true: Condition "*q", taking
+true branch
+bsd-finger-0.17/finger/util.c:393: cond_false: Condition
+"!(*__ctype_b_loc()[(int)*q] & 2048 /* (unsigned short)_ISdigit */)",
+taking false branch
+bsd-finger-0.17/finger/util.c:394: if_end: End of if statement
+bsd-finger-0.17/finger/util.c:394: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/util.c:392: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/util.c:392: cond_false: Condition "*q", taking
+false branch
+bsd-finger-0.17/finger/util.c:394: loop_end: Reached end of loop
+bsd-finger-0.17/finger/util.c:396: alias: Assigning: "p" = "pbuf". "p"
+now points to byte 0 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:397: switch: Switch case value "11"
+bsd-finger-0.17/finger/util.c:398: switch_case: Reached case "11"
+bsd-finger-0.17/finger/util.c:399: ptr_incr: Incrementing "p". "p" now
+points to byte 1 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:400: ptr_incr: Incrementing "p". "p" now
+points to byte 2 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:401: ptr_incr: Incrementing "p". "p" now
+points to byte 3 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:404: ptr_incr: Incrementing "p". "p" now
+points to byte 4 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:405: ptr_incr: Incrementing "p". "p" now
+points to byte 5 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:406: ptr_incr: Incrementing "p". "p" now
+points to byte 6 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:407: ptr_incr: Incrementing "p". "p" now
+points to byte 7 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:410: ptr_incr: Incrementing "p". "p" now
+points to byte 8 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:411: ptr_incr: Incrementing "p". "p" now
+points to byte 9 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:412: ptr_incr: Incrementing "p". "p" now
+points to byte 10 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:413: break: Breaking from switch
+bsd-finger-0.17/finger/util.c:421: switch_end: Reached end of switch
+bsd-finger-0.17/finger/util.c:422: cond_true: Condition "len != 4",
+taking true branch
+bsd-finger-0.17/finger/util.c:423: ptr_incr: Incrementing "p". "p" now
+points to byte 11 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:424: ptr_incr: Incrementing "p". "p" now
+points to byte 12 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:426: ptr_incr: Incrementing "p". "p" now
+points to byte 13 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:427: ptr_incr: Incrementing "p". "p" now
+points to byte 14 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:428: ptr_incr: Incrementing "p". "p" now
+points to byte 15 of "pbuf" (which consists of 15 bytes).
+bsd-finger-0.17/finger/util.c:429: overrun-local: Overrunning array of
+15 bytes at byte offset 15 by dereferencing pointer "p".
+
+Signed-off-by: Tomas Hozza <thozza@redhat.com>
+---
+ finger/util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/finger/util.c b/finger/util.c
+index a9c3b5d..ee44541 100644
+--- a/finger/util.c
++++ b/finger/util.c
+@@ -386,7 +386,7 @@ prphone(const char *num)
+ 	char *p;
+ 	const char *q;
+ 	int len;
+-	static char pbuf[15];
++	static char pbuf[16];
+ 
+ 	/* don't touch anything if the user has their own formatting */
+ 	for (q = num; *q; ++q)
+-- 
+1.8.1.2
+
+
+From 93a36eb8d32b0cbe3034e3742b128eb81934875c Mon Sep 17 00:00:00 2001
+From: Tomas Hozza <thozza@redhat.com>
+Date: Fri, 8 Feb 2013 15:19:34 +0100
+Subject: [PATCH 2/4] RESOURCE_LEAK (CWE-772)
+
+Coverity output:
+bsd-finger-0.17/finger/finger.c:293: cond_false: Condition "setlocale(6,
+"") != NULL", taking false branch
+bsd-finger-0.17/finger/finger.c:294: if_end: End of if statement
+bsd-finger-0.17/finger/finger.c:296: alloc_fn: Storage is returned from
+allocation function "calloc(size_t, size_t)".
+bsd-finger-0.17/finger/finger.c:296: var_assign: Assigning: "used" =
+storage returned from "calloc(argc, 4UL)".
+bsd-finger-0.17/finger/finger.c:297: cond_false: Condition "!used",
+taking false branch
+bsd-finger-0.17/finger/finger.c:300: if_end: End of if statement
+bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc",
+taking true branch
+bsd-finger-0.17/finger/finger.c:304: cond_true: Condition
+"!__coverity_strchr(argv[i], 64)", taking true branch
+bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop
+bsd-finger-0.17/finger/finger.c:313: loop: Looping back
+bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc",
+taking true branch
+bsd-finger-0.17/finger/finger.c:304: cond_true: Condition
+"!__coverity_strchr(argv[i], 64)", taking true branch
+bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop
+bsd-finger-0.17/finger/finger.c:313: loop: Looping back
+bsd-finger-0.17/finger/finger.c:303: cond_false: Condition "i < argc",
+taking false branch
+bsd-finger-0.17/finger/finger.c:313: loop_end: Reached end of loop
+bsd-finger-0.17/finger/finger.c:316: cond_true: Condition "dolocal",
+taking true branch
+bsd-finger-0.17/finger/finger.c:316: noescape: Resource "used" is not
+freed or pointed-to in function "do_local(int, char **, int *)".
+bsd-finger-0.17/finger/finger.c:251:51: noescape: "do_local(int, char
+**, int *)" does not free or save its pointer parameter "used".
+bsd-finger-0.17/finger/finger.c:319: cond_false: Condition "pn", taking
+false branch
+bsd-finger-0.17/finger/finger.c:323: loop_end: Reached end of loop
+bsd-finger-0.17/finger/finger.c:325: cond_true: Condition "entries ==
+0", taking true branch
+bsd-finger-0.17/finger/finger.c:326: leaked_storage: Variable "used"
+going out of scope leaks the storage it points to.
+
+bsd-finger-0.17/finger/finger.c:293: cond_false: Condition "setlocale(6,
+"") != NULL", taking false branch
+bsd-finger-0.17/finger/finger.c:294: if_end: End of if statement
+bsd-finger-0.17/finger/finger.c:296: alloc_fn: Storage is returned from
+allocation function "calloc(size_t, size_t)".
+bsd-finger-0.17/finger/finger.c:296: var_assign: Assigning: "used" =
+storage returned from "calloc(argc, 4UL)".
+bsd-finger-0.17/finger/finger.c:297: cond_false: Condition "!used",
+taking false branch
+bsd-finger-0.17/finger/finger.c:300: if_end: End of if statement
+bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc",
+taking true branch
+bsd-finger-0.17/finger/finger.c:304: cond_true: Condition
+"!__coverity_strchr(argv[i], 64)", taking true branch
+bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop
+bsd-finger-0.17/finger/finger.c:313: loop: Looping back
+bsd-finger-0.17/finger/finger.c:303: cond_true: Condition "i < argc",
+taking true branch
+bsd-finger-0.17/finger/finger.c:304: cond_true: Condition
+"!__coverity_strchr(argv[i], 64)", taking true branch
+bsd-finger-0.17/finger/finger.c:306: continue: Continuing loop
+bsd-finger-0.17/finger/finger.c:313: loop: Looping back
+bsd-finger-0.17/finger/finger.c:303: cond_false: Condition "i < argc",
+taking false branch
+bsd-finger-0.17/finger/finger.c:313: loop_end: Reached end of loop
+bsd-finger-0.17/finger/finger.c:316: cond_true: Condition "dolocal",
+taking true branch
+bsd-finger-0.17/finger/finger.c:316: noescape: Resource "used" is not
+freed or pointed-to in function "do_local(int, char **, int *)".
+bsd-finger-0.17/finger/finger.c:251:51: noescape: "do_local(int, char
+**, int *)" does not free or save its pointer parameter "used".
+bsd-finger-0.17/finger/finger.c:319: cond_true: Condition "pn", taking
+true branch
+bsd-finger-0.17/finger/finger.c:321: cond_false: Condition "pn->next",
+taking false branch
+bsd-finger-0.17/finger/finger.c:321: cond_true: Condition "entries",
+taking true branch
+bsd-finger-0.17/finger/finger.c:323: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/finger.c:319: loop_begin: Jumped back to
+beginning of loop
+bsd-finger-0.17/finger/finger.c:319: cond_false: Condition "pn", taking
+false branch
+bsd-finger-0.17/finger/finger.c:323: loop_end: Reached end of loop
+bsd-finger-0.17/finger/finger.c:325: cond_false: Condition "entries ==
+0", taking false branch
+bsd-finger-0.17/finger/finger.c:326: if_end: End of if statement
+bsd-finger-0.17/finger/finger.c:339: cond_false: Condition "(uptr =
+getutent()) != NULL", taking false branch
+bsd-finger-0.17/finger/finger.c:351: loop_end: Reached end of loop
+bsd-finger-0.17/finger/finger.c:352: cond_true: Condition "pn != NULL",
+taking true branch
+bsd-finger-0.17/finger/finger.c:354: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/finger.c:352: loop_begin: Jumped back to
+beginning of loop
+bsd-finger-0.17/finger/finger.c:352: cond_false: Condition "pn != NULL",
+taking false branch
+bsd-finger-0.17/finger/finger.c:354: loop_end: Reached end of loop
+bsd-finger-0.17/finger/finger.c:356: leaked_storage: Variable "used"
+going out of scope leaks the storage it points to.
+
+Signed-off-by: Tomas Hozza <thozza@redhat.com>
+---
+ finger/finger.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/finger/finger.c b/finger/finger.c
+index ebf7309..6653e82 100644
+--- a/finger/finger.c
++++ b/finger/finger.c
+@@ -323,7 +323,10 @@ userlist(int argc, char *argv[])
+ 	}
+ 
+ 	if (entries == 0)
++	{
++		free(used);
+ 		return;
++	}
+ 
+ 	/*
+ 	 * Scan thru the list of users currently logged in, saving
+@@ -353,4 +356,5 @@ userlist(int argc, char *argv[])
+ 		enter_lastlog(pn);
+ 	}
+ 	endutent();
++	free(used);
+ }
+-- 
+1.8.1.2
+
+
+From bf805902875147e582402fa736022c10edb163bc Mon Sep 17 00:00:00 2001
+From: Tomas Hozza <thozza@redhat.com>
+Date: Fri, 8 Feb 2013 15:41:05 +0100
+Subject: [PATCH 3/4] RESOURCE_LEAK (CWE-772)
+
+Coverity output:
+bsd-finger-0.17/finger/sprint.c:60: alloc_fn: Storage is returned from
+allocation function "sort(void)".
+bsd-finger-0.17/finger/sprint.c:142:2: alloc_fn: Storage is returned
+from allocation function "malloc(size_t)".
+bsd-finger-0.17/finger/sprint.c:142:2: var_assign: Assigning: "list" =
+"malloc((u_int)(entries * 8UL))".
+bsd-finger-0.17/finger/sprint.c:142:2: cond_false: Condition "!(list =
+(PERSON **)malloc((u_int)(entries * 8UL /* sizeof (PERSON *) */)))",
+taking false branch
+bsd-finger-0.17/finger/sprint.c:145:2: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:146:7: var_assign: Assigning: "lp" =
+"list".
+bsd-finger-0.17/finger/sprint.c:146:2: cond_true: Condition "pn !=
+NULL", taking true branch
+bsd-finger-0.17/finger/sprint.c:147:3: loop: Jumping back to the
+beginning of the loop
+bsd-finger-0.17/finger/sprint.c:146:2: loop_begin: Jumped back to
+beginning of loop
+bsd-finger-0.17/finger/sprint.c:146:2: cond_false: Condition "pn !=
+NULL", taking false branch
+bsd-finger-0.17/finger/sprint.c:147:3: loop_end: Reached end of loop
+bsd-finger-0.17/finger/sprint.c:148:2: noescape: Resource "list" is not
+freed or pointed-to in function "qsort(void *, size_t, size_t,
+__compar_fn_t)".
+bsd-finger-0.17/finger/sprint.c:149:2: return_alloc: Returning allocated
+memory "list".
+bsd-finger-0.17/finger/sprint.c:60: var_assign: Assigning: "list" =
+storage returned from "sort()".
+bsd-finger-0.17/finger/sprint.c:76: cond_true: Condition "cnt <
+entries", taking true branch
+bsd-finger-0.17/finger/sprint.c:79: cond_true: Condition "pn->name",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:80: cond_true: Condition "l > maxlname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:81: cond_true: Condition "pn->realname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:82: cond_true: Condition "l > maxrname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:83: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:76: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:76: cond_true: Condition "cnt <
+entries", taking true branch
+bsd-finger-0.17/finger/sprint.c:79: cond_true: Condition "pn->name",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:80: cond_true: Condition "l > maxlname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:81: cond_true: Condition "pn->realname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:82: cond_true: Condition "l > maxrname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:83: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:76: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:76: cond_true: Condition "cnt <
+entries", taking true branch
+bsd-finger-0.17/finger/sprint.c:79: cond_true: Condition "pn->name",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:80: cond_true: Condition "l > maxlname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:81: cond_true: Condition "pn->realname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:82: cond_false: Condition "l >
+maxrname", taking false branch
+bsd-finger-0.17/finger/sprint.c:82: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:83: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:76: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:76: cond_false: Condition "cnt <
+entries", taking false branch
+bsd-finger-0.17/finger/sprint.c:83: loop_end: Reached end of loop
+bsd-finger-0.17/finger/sprint.c:86: cond_true: Condition "maxlname +
+maxrname > space", taking true branch
+bsd-finger-0.17/finger/sprint.c:89: cond_true: Condition "maxlname +
+maxrname < space - 2", taking true branch
+bsd-finger-0.17/finger/sprint.c:93: cond_true: Condition "cnt <
+entries", taking true branch
+bsd-finger-0.17/finger/sprint.c:95: cond_true: Condition "w != NULL",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:96: cond_true: Condition "pn->realname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:99: cond_true: Condition "!w->loginat",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:101: goto: Jumping to label "office"
+bsd-finger-0.17/finger/sprint.c:120: label: Reached label "office"
+bsd-finger-0.17/finger/sprint.c:121: cond_true: Condition "pn->office",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:122: if_fallthrough: Falling through to
+end of if statement
+bsd-finger-0.17/finger/sprint.c:124: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:125: cond_true: Condition
+"pn->officephone", taking true branch
+bsd-finger-0.17/finger/sprint.c:126: if_fallthrough: Falling through to
+end of if statement
+bsd-finger-0.17/finger/sprint.c:129: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:131: cond_true: Condition "w->host[0] !=
+0", taking true branch
+bsd-finger-0.17/finger/sprint.c:134: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:95: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:95: cond_false: Condition "w != NULL",
+taking false branch
+bsd-finger-0.17/finger/sprint.c:134: loop_end: Reached end of loop
+bsd-finger-0.17/finger/sprint.c:135: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:93: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:93: cond_true: Condition "cnt <
+entries", taking true branch
+bsd-finger-0.17/finger/sprint.c:95: cond_true: Condition "w != NULL",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:96: cond_true: Condition "pn->realname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:99: cond_true: Condition "!w->loginat",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:101: goto: Jumping to label "office"
+bsd-finger-0.17/finger/sprint.c:120: label: Reached label "office"
+bsd-finger-0.17/finger/sprint.c:121: cond_true: Condition "pn->office",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:122: if_fallthrough: Falling through to
+end of if statement
+bsd-finger-0.17/finger/sprint.c:124: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:125: cond_true: Condition
+"pn->officephone", taking true branch
+bsd-finger-0.17/finger/sprint.c:126: if_fallthrough: Falling through to
+end of if statement
+bsd-finger-0.17/finger/sprint.c:129: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:131: cond_true: Condition "w->host[0] !=
+0", taking true branch
+bsd-finger-0.17/finger/sprint.c:134: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:95: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:95: cond_false: Condition "w != NULL",
+taking false branch
+bsd-finger-0.17/finger/sprint.c:134: loop_end: Reached end of loop
+bsd-finger-0.17/finger/sprint.c:135: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:93: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:93: cond_true: Condition "cnt <
+entries", taking true branch
+bsd-finger-0.17/finger/sprint.c:95: cond_true: Condition "w != NULL",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:96: cond_true: Condition "pn->realname",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:99: cond_true: Condition "!w->loginat",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:101: goto: Jumping to label "office"
+bsd-finger-0.17/finger/sprint.c:120: label: Reached label "office"
+bsd-finger-0.17/finger/sprint.c:121: cond_true: Condition "pn->office",
+taking true branch
+bsd-finger-0.17/finger/sprint.c:122: if_fallthrough: Falling through to
+end of if statement
+bsd-finger-0.17/finger/sprint.c:124: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:125: cond_true: Condition
+"pn->officephone", taking true branch
+bsd-finger-0.17/finger/sprint.c:126: if_fallthrough: Falling through to
+end of if statement
+bsd-finger-0.17/finger/sprint.c:129: if_end: End of if statement
+bsd-finger-0.17/finger/sprint.c:131: cond_true: Condition "w->host[0] !=
+0", taking true branch
+bsd-finger-0.17/finger/sprint.c:134: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:95: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:95: cond_false: Condition "w != NULL",
+taking false branch
+bsd-finger-0.17/finger/sprint.c:134: loop_end: Reached end of loop
+bsd-finger-0.17/finger/sprint.c:135: loop: Jumping back to the beginning
+of the loop
+bsd-finger-0.17/finger/sprint.c:93: loop_begin: Jumped back to beginning
+of loop
+bsd-finger-0.17/finger/sprint.c:93: cond_false: Condition "cnt <
+entries", taking false branch
+bsd-finger-0.17/finger/sprint.c:135: loop_end: Reached end of loop
+bsd-finger-0.17/finger/sprint.c:136: leaked_storage: Variable "list"
+going out of scope leaks the storage it points to.
+
+Signed-off-by: Tomas Hozza <thozza@redhat.com>
+---
+ finger/sprint.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/finger/sprint.c b/finger/sprint.c
+index 0aaa82f..c66584f 100644
+--- a/finger/sprint.c
++++ b/finger/sprint.c
+@@ -133,6 +133,7 @@ office:
+ 			xputc('\n');
+ 		}
+ 	}
++	free(list);
+ }
+ 
+ static PERSON **sort(void) {
+-- 
+1.8.1.2
+
+
+From d8638a83edb2ab42adaa8a77f74d350095ce281f Mon Sep 17 00:00:00 2001
+From: Tomas Hozza <thozza@redhat.com>
+Date: Fri, 8 Feb 2013 15:58:40 +0100
+Subject: [PATCH 4/4] DEADCODE (CWE-561)
+
+Coverity output:
+bsd-finger-0.17/finger/net.c:173: assignment: Assigning: "ateol" = "1".
+bsd-finger-0.17/finger/net.c:178: assignment: Assigning: "ateol" = "1".
+bsd-finger-0.17/finger/net.c:191: const: At condition "ateol", the value
+of "ateol" must be equal to 1.
+bsd-finger-0.17/finger/net.c:191: dead_error_condition: The condition
+"!ateol" cannot be true.
+bsd-finger-0.17/finger/net.c:191: dead_error_line: Execution cannot
+reach this statement "xputc(10);".
+
+Signed-off-by: Tomas Hozza <thozza@redhat.com>
+---
+ finger/net.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/finger/net.c b/finger/net.c
+index d273432..157090f 100644
+--- a/finger/net.c
++++ b/finger/net.c
+@@ -183,7 +183,10 @@ void netfinger(const char *name) {
+ 			/* don't print */
+ 		}
+ 		else {
+-			if (c == '\n') ateol = 1;
++			if (c == '\n')
++				ateol = 1;
++			else
++				ateol = 0;
+ 			sawret = 0;
+ 			xputc(c);
+ 		}
+-- 
+1.8.1.2
+
diff --git a/source/n/bsd-finger/bsd-finger-0.17-exact.patch b/source/n/bsd-finger/bsd-finger-0.17-exact.patch
new file mode 100644
index 000000000..6d756dfae
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-exact.patch
@@ -0,0 +1,25 @@
+--- bsd-finger-0.17-pre20000412/finger/finger.c.exact	Sat Dec 18 11:41:51 1999
++++ bsd-finger-0.17-pre20000412/finger/finger.c	Sun Aug 27 21:17:57 2000
+@@ -238,15 +238,14 @@
+ 	 * traverse the list of possible login names and check the login name
+ 	 * and real name against the name specified by the user.
+ 	 */
+-	if (mflag) {
+-		for (i = 0; i < argc; i++)
+-			if (used[i] >= 0 && (pw = getpwnam(argv[i]))) {
+-				if (!check_nofinger(pw)) {
+-					enter_person(pw);
+-					used[i] = 1;
+-				}
++	for (i = 0; i < argc; i++)
++		if (used[i] >= 0 && (pw = getpwnam(argv[i]))) {
++			if (!check_nofinger(pw)) {
++				enter_person(pw);
++				used[i] = 1;
+ 			}
++		}
+-	} else for (pw = getpwent(); pw; pw = getpwent())
++	if(!mflag) for (pw = getpwent(); pw; pw = getpwent())
+ 		for (i = 0; i < argc; i++)
+ 			if (used[i] >= 0 &&
+ 			    (!strcasecmp(pw->pw_name, argv[i]) ||
diff --git a/source/n/bsd-finger/bsd-finger-0.17-host-info.patch b/source/n/bsd-finger/bsd-finger-0.17-host-info.patch
new file mode 100644
index 000000000..a7ce14ac7
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-host-info.patch
@@ -0,0 +1,36 @@
+--- bsd-finger-0.17/finger/sprint.c	2009-11-02 13:11:20.000000000 +0530
++++ bsd-finger-0.17/finger/sprint.c.add-host-column	2009-11-02 13:10:43.000000000 +0530
+@@ -89,7 +89,7 @@ void sflag_print(void) {
+ 	if (maxlname + maxrname < space-2) { maxlname++; maxrname++; }
+ 
+ 	(void)xprintf("%-*s %-*s %s\n", maxlname, "Login", maxrname,
+-	    "Name", " Tty      Idle  Login Time   Office     Office Phone");
++	    "Name", " Tty      Idle  Login Time   Office     Office Phone   Host");
+ 	for (cnt = 0; cnt < entries; ++cnt) {
+ 		pn = list[cnt];
+ 		for (w = pn->whead; w != NULL; w = w->next) {
+@@ -118,17 +118,18 @@ void sflag_print(void) {
+ 			else
+ 				(void)xprintf(" %.5s", p + 11);
+ office:
+-			if (w->host[0] != '\0') {
+-				xprintf(" (%s)", w->host);
+-			} else {
+ 			if (pn->office)
+ 				(void)xprintf(" %-10.10s", pn->office);
+-			else if (pn->officephone)
++			else
+ 				(void)xprintf(" %-10.10s", " ");
+ 			if (pn->officephone)
+-				(void)xprintf(" %-.14s",
++				(void)xprintf(" %-14.14s",
+ 				    prphone(pn->officephone));
+-			}
++			else if (w->host[0] != '\0')
++				(void)xprintf(" %-14.14s", " ");
++
++			if (w->host[0] != '\0')
++				xprintf(" (%s)", w->host);
+ 			xputc('\n');
+ 		}
+ 	}
diff --git a/source/n/bsd-finger/bsd-finger-0.17-init-realname.patch b/source/n/bsd-finger/bsd-finger-0.17-init-realname.patch
new file mode 100644
index 000000000..f46118e14
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-init-realname.patch
@@ -0,0 +1,10 @@
+--- bsd-finger-0.17-orig/finger/util.c	2009-08-24 19:14:49.145387327 +0300
++++ bsd-finger-0.17/finger/util.c	2009-08-29 00:47:59.661649249 +0300
+@@ -98,6 +98,7 @@
+ 
+ 	pn->uid = pw->pw_uid;
+ 	pn->name = strdup(pw->pw_name);
++	pn->realname = "";
+ 	pn->dir = strdup(pw->pw_dir);
+ 	pn->shell = strdup(pw->pw_shell);
+ 
diff --git a/source/n/bsd-finger/bsd-finger-0.17-match_sigsegv.patch b/source/n/bsd-finger/bsd-finger-0.17-match_sigsegv.patch
new file mode 100644
index 000000000..f9fd99d6b
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-match_sigsegv.patch
@@ -0,0 +1,13 @@
+diff -up bsd-finger-0.17/finger/util.c.match_sigsegv bsd-finger-0.17/finger/util.c
+--- bsd-finger-0.17/finger/util.c.match_sigsegv	2012-10-16 10:22:26.240480338 +0200
++++ bsd-finger-0.17/finger/util.c	2012-10-16 10:26:15.744072682 +0200
+@@ -186,6 +186,9 @@ match(struct passwd *pw, const char *use
+ 	int i, j, ct, rv=0;
+ 	char *rname;
+ 
++	if (pw == NULL || pw->pw_gecos == NULL)
++		return 0;
++
+ 	strncpy(tbuf, pw->pw_gecos, TBUFLEN);
+ 	tbuf[TBUFLEN-1] = 0;  /* guarantee null termination */
+ 	p = tbuf;
diff --git a/source/n/bsd-finger/bsd-finger-0.17-rfc742.patch b/source/n/bsd-finger/bsd-finger-0.17-rfc742.patch
new file mode 100644
index 000000000..b6dfdc7c4
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-rfc742.patch
@@ -0,0 +1,15 @@
+--- bsd-finger-0.17-pre20000412/fingerd/fingerd.c.rfc742	Sat Jul 22 14:58:58 2000
++++ bsd-finger-0.17-pre20000412/fingerd/fingerd.c	Sat Jul 22 15:01:31 2000
+@@ -214,7 +214,11 @@
+ 	av[k++] = "finger";
+ 	for (s = strtok(line, WS); s && k<ENTRIES; s = strtok(NULL, WS)) {
+ 		/* RFC742: "/[Ww]" == "-l" */
+-		if (!strncasecmp(s, "/w", 2)) memcpy(s, "-l", 2);
++		if (!strncasecmp(s, "/w", 2)) {
++		    if (k < ENTRIES - 1)
++			av[k++] = "-l";
++		    s += 2;
++		}
+ 		if (!forwarding) {
+ 		    t = strchr(s, '@');
+ 		    if (t) {
diff --git a/source/n/bsd-finger/bsd-finger-0.17-strip.patch b/source/n/bsd-finger/bsd-finger-0.17-strip.patch
new file mode 100644
index 000000000..4f8ed5ae1
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-strip.patch
@@ -0,0 +1,22 @@
+--- bsd-finger-0.17/finger/Makefile.strip	Wed Jun 19 15:22:39 2002
++++ bsd-finger-0.17/finger/Makefile	Wed Jun 19 15:25:11 2002
+@@ -11,7 +11,7 @@
+ 
+ install: finger
+ 	install -d $(INSTALLROOT)$(BINDIR)
+-	install -s -m$(BINMODE) finger $(INSTALLROOT)$(BINDIR)
++	install -m$(BINMODE) finger $(INSTALLROOT)$(BINDIR)
+ 	install -d $(INSTALLROOT)$(MANDIR)/man1
+ 	install -m$(MANMODE) finger.1 $(INSTALLROOT)$(MANDIR)/man1
+ 
+--- bsd-finger-0.17/fingerd/Makefile.strip	Wed Jun 19 15:22:39 2002
++++ bsd-finger-0.17/fingerd/Makefile	Wed Jun 19 15:25:27 2002
+@@ -10,7 +10,7 @@
+ 
+ install: fingerd
+ 	install -d $(INSTALLROOT)$(SBINDIR)
+-	install -s -m$(DAEMONMODE) fingerd $(INSTALLROOT)$(SBINDIR)/in.fingerd
++	install -m$(DAEMONMODE) fingerd $(INSTALLROOT)$(SBINDIR)/in.fingerd
+ 	install -d $(INSTALLROOT)$(MANDIR)/man8
+ 	install -m$(MANMODE) fingerd.8 $(INSTALLROOT)$(MANDIR)/man8/in.fingerd.8
+ 	ln -sf in.fingerd.8 $(INSTALLROOT)$(MANDIR)/man8/fingerd.8
diff --git a/source/n/bsd-finger/bsd-finger-0.17-time.patch b/source/n/bsd-finger/bsd-finger-0.17-time.patch
new file mode 100644
index 000000000..ad53193d3
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-time.patch
@@ -0,0 +1,22 @@
+--- bsd-finger-0.17-pre20000412/finger/lprint.c.orig	Tue Sep 14 06:51:11 1999
++++ bsd-finger-0.17-pre20000412/finger/lprint.c	Sun Feb  4 17:57:08 2001
+@@ -48,7 +48,7 @@
+ #include <sys/types.h>
+ #include <sys/file.h>
+ #include <sys/stat.h>
+-#include <sys/time.h>
++#include <time.h>
+ #include "finger.h"
+ 
+ static void lprint(PERSON *pn);
+--- bsd-finger-0.17-pre20000412/finger/sprint.c.orig	Sun Dec 12 13:59:33 1999
++++ bsd-finger-0.17-pre20000412/finger/sprint.c	Sun Feb  4 17:57:22 2001
+@@ -40,7 +40,7 @@
+ #endif /* not lint */
+ 
+ #include <sys/types.h>
+-#include <sys/time.h>
++#include <time.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
diff --git a/source/n/bsd-finger/bsd-finger-0.17-usagi-ipv6.patch b/source/n/bsd-finger/bsd-finger-0.17-usagi-ipv6.patch
new file mode 100644
index 000000000..6034aa03c
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-usagi-ipv6.patch
@@ -0,0 +1,473 @@
+diff -uNr bsd-finger-0.17/CVS/Entries bsd-finger/CVS/Entries
+--- bsd-finger-0.17/CVS/Entries	Thu Jan  1 02:00:00 1970
++++ bsd-finger/CVS/Entries	Fri Mar  9 00:00:29 2001
+@@ -0,0 +1,11 @@
++/.cvsignore/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/BUGS/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/ChangeLog/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/MCONFIG.in/1.3/Sat Jan 27 04:14:52 2001//
++/MRULES/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/Makefile/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/README/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/configure/1.5/Sat Jan 27 04:14:52 2001//
++/version.h/1.1.1.1/Fri Nov  3 19:18:15 2000//
++D/finger////
++D/fingerd////
+diff -uNr bsd-finger-0.17/CVS/Repository bsd-finger/CVS/Repository
+--- bsd-finger-0.17/CVS/Repository	Thu Jan  1 02:00:00 1970
++++ bsd-finger/CVS/Repository	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1 @@
++usagi/src/bsd-finger
+diff -uNr bsd-finger-0.17/CVS/Root bsd-finger/CVS/Root
+--- bsd-finger-0.17/CVS/Root	Thu Jan  1 02:00:00 1970
++++ bsd-finger/CVS/Root	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1 @@
++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi
+diff -uNr bsd-finger-0.17/configure bsd-finger/configure
+--- bsd-finger-0.17/configure	Sat Jul 29 21:00:27 2000
++++ bsd-finger/configure	Sat Jan 27 06:14:52 2001
+@@ -25,6 +25,7 @@
+     --daemonmode=mode     Mode for daemon binaries [same as binmode]
+     --manmode=mode        Mode for manual pages [644]
+     --with-c-compiler=cc  Program for compiling C source [guessed]
++    --enable-ipv6         Enable IPv6 support
+ EOF
+ 	exit 0;;
+ 	--verbose) ;;
+@@ -40,6 +41,11 @@
+ 	--daemonmode=*) DAEMONMODE=`echo $1 | sed 's/^[^=]*=//'` ;;
+ 	--manmode=*) MANMODE=`echo $1 | sed 's/^[^=]*=//'` ;;
+ 	--with-c-compiler=*) CC=`echo $1 | sed 's/^[^=]*=//'` ;;
++
++	--disable-ipv6) ENABLE_IPV6=no;;
++	--enable-ipv6=*) ENABLE_IPV6=`echo $1 | sed 's/^[^=]*=//'`;;
++	--enable-ipv6) ENABLE_IPV6=yes;;
++
+ 	*) echo "Unrecognized option: $1"; exit 1;;
+ esac 
+ shift
+@@ -148,6 +154,42 @@
+ 
+ LDFLAGS=
+ LIBS=
++
++rm -f __conftest*
++
++##################################################
++## Enable IPv6
++echo -n "Whether to enable IPv6 support... "
++if [ x"$ENABLE_IPV6" = x"yes" ]; then
++    echo yes
++    CFLAGS="$CFLAGS -DINET6"
++else
++    echo no
++fi
++
++rm -f __conftest*
++
++## Search IPv6 Library / Headers
++if [ x"$ENABLE_IPV6" = x"yes" ]; then
++    echo -n "Search for IPv6 library... "
++    inet6libdirs="/usr/local/v6/lib /usr/local/lib /usr /usr/inet6/lib"
++    inet6libs="inet6"
++    inet6found=no
++    for inet6libdir in $inet6libdirs; do
++        for inet6lib in $inet6libs; do
++            if [ -d $inet6libdir ] && [ -f $inet6libdir/lib$inet6lib.a ]; then
++                inet6found=yes
++                break 2
++            fi
++        done
++    done
++    if [ x"$inet6found" = x"yes" ]; then
++        echo "$inet6libdir/lib$inet6lib.a"
++        LIBS="$LIBS -L$inet6libdir -l$inet6lib"
++    else
++        echo "not found"
++    fi
++fi
+ 
+ rm -f __conftest*
+ 
+diff -uNr bsd-finger-0.17/finger/CVS/Entries bsd-finger/finger/CVS/Entries
+--- bsd-finger-0.17/finger/CVS/Entries	Thu Jan  1 02:00:00 1970
++++ bsd-finger/finger/CVS/Entries	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1,11 @@
++/.cvsignore/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/Makefile/1.4/Sat Jan 27 05:57:07 2001//
++/display.c/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/finger.1/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/finger.c/1.3/Sun Feb 11 09:33:52 2001//
++/finger.h/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/lprint.c/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/net.c/1.3/Fri Jan 26 18:08:21 2001//
++/sprint.c/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/util.c/1.1.1.1/Fri Nov  3 19:18:15 2000//
++D
+diff -uNr bsd-finger-0.17/finger/CVS/Repository bsd-finger/finger/CVS/Repository
+--- bsd-finger-0.17/finger/CVS/Repository	Thu Jan  1 02:00:00 1970
++++ bsd-finger/finger/CVS/Repository	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1 @@
++usagi/src/bsd-finger/finger
+diff -uNr bsd-finger-0.17/finger/CVS/Root bsd-finger/finger/CVS/Root
+--- bsd-finger-0.17/finger/CVS/Root	Thu Jan  1 02:00:00 1970
++++ bsd-finger/finger/CVS/Root	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1 @@
++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi
+diff -uNr bsd-finger-0.17/finger/Makefile bsd-finger/finger/Makefile
+--- bsd-finger-0.17/finger/Makefile	Sun Dec 12 20:04:52 1999
++++ bsd-finger/finger/Makefile	Sat Jan 27 07:57:07 2001
+@@ -10,7 +10,9 @@
+ finger.o: ../version.h
+ 
+ install: finger
++	install -d $(INSTALLROOT)$(BINDIR)
+ 	install -s -m$(BINMODE) finger $(INSTALLROOT)$(BINDIR)
++	install -d $(INSTALLROOT)$(MANDIR)/man1
+ 	install -m$(MANMODE) finger.1 $(INSTALLROOT)$(MANDIR)/man1
+ 
+ clean:
+diff -uNr bsd-finger-0.17/finger/finger.1 bsd-finger/finger/finger.1
+--- bsd-finger-0.17/finger/finger.1	Mon Jul 31 02:56:57 2000
++++ bsd-finger/finger/finger.1	Fri Nov  3 21:18:15 2000
+@@ -30,7 +30,7 @@
+ .\" SUCH DAMAGE.
+ .\"
+ .\"	from: @(#)finger.1	6.14 (Berkeley) 7/27/91
+-.\"	$Id: finger.1,v 1.18 2000/07/30 23:56:57 dholland Exp $
++.\"	$Id: finger.1,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $
+ .\"
+ .Dd August 15, 1999
+ .Dt FINGER 1
+diff -uNr bsd-finger-0.17/finger/finger.c bsd-finger/finger/finger.c
+--- bsd-finger-0.17/finger/finger.c	Sat Dec 18 18:41:51 1999
++++ bsd-finger/finger/finger.c	Sun Feb 11 11:33:52 2001
+@@ -1,3 +1,5 @@
++/* $USAGI$ */
++
+ /*
+  * Copyright (c) 1989 The Regents of the University of California.
+  * All rights reserved.
+@@ -46,7 +48,7 @@
+  * from: @(#)finger.c	5.22 (Berkeley) 6/29/90 
+  */
+ char finger_rcsid[] = \
+-  "$Id: finger.c,v 1.15 1999/12/18 16:41:51 dholland Exp $";
++  "$Id: finger.c,v 1.3 2001/02/11 09:33:52 yoshfuji Exp $";
+ 
+ /*
+  * Finger prints out information about users.  It is not portable since
+@@ -74,7 +76,11 @@
+ #include <time.h>
+ #include <getopt.h>
+ #include "finger.h"
++#ifdef _USAGI
++#include "version.h"
++#else
+ #include "../version.h"
++#endif
+ 
+ static void loginlist(void);
+ static void userlist(int argc, char *argv[]);
+@@ -92,8 +98,12 @@
+ 
+ int main(int argc, char *argv[]) {
+ 	int ch;
+-	struct sockaddr_in sin;
+-	socklen_t slen = sizeof(sin);
++#ifdef INET6
++	struct sockaddr_storage sa;
++#else
++	struct sockaddr sa;
++#endif
++	socklen_t slen = sizeof(sa);
+ 
+ 	while ((ch = getopt(argc, argv, "lmps")) != EOF) {
+ 		switch(ch) {
+@@ -119,7 +129,7 @@
+ 	argc -= optind;
+ 	argv += optind;
+ 
+-	if (getsockname(STDOUT_FILENO, (struct sockaddr *)&sin, &slen)==0) {
++	if (getsockname(STDOUT_FILENO, (struct sockaddr *)&sa, &slen)==0) {
+ 		/*
+ 		 * stdout is a socket. must be a network finger request,
+ 		 * so emit CRs with our LFs at the ends of lines.
+@@ -136,7 +146,7 @@
+ 	 * Also check stdin for nofinger processing, because of older
+ 	 * fingerds that make stdout a pipe for CRLF handling.
+ 	 */
+-	if (getsockname(STDIN_FILENO, (struct sockaddr *)&sin, &slen)==0) {
++	if (getsockname(STDIN_FILENO, (struct sockaddr *)&sa, &slen)==0) {
+ 		enable_nofinger = 1;
+ 	}	
+ 
+diff -uNr bsd-finger-0.17/finger/finger.h bsd-finger/finger/finger.h
+--- bsd-finger-0.17/finger/finger.h	Tue Sep 14 13:51:11 1999
++++ bsd-finger/finger/finger.h	Fri Nov  3 21:18:15 2000
+@@ -34,7 +34,7 @@
+  * SUCH DAMAGE.
+  *
+  *	from: @(#)finger.h	5.5 (Berkeley) 6/1/90
+- *	$Id: finger.h,v 1.7 1999/09/14 10:51:11 dholland Exp $
++ *	$Id: finger.h,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $
+  */
+ 
+ #include <pwd.h>
+diff -uNr bsd-finger-0.17/finger/lprint.c bsd-finger/finger/lprint.c
+--- bsd-finger-0.17/finger/lprint.c	Tue Sep 14 13:51:11 1999
++++ bsd-finger/finger/lprint.c	Fri Nov  3 21:18:15 2000
+@@ -38,7 +38,7 @@
+  * from: @(#)lprint.c	5.13 (Berkeley) 10/31/90
+  */
+ char lprint_rcsid[] = 
+-  "$Id: lprint.c,v 1.11 1999/09/14 10:51:11 dholland Exp $";
++  "$Id: lprint.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $";
+ 
+ #include <stdio.h>
+ #include <ctype.h>
+diff -uNr bsd-finger-0.17/finger/net.c bsd-finger/finger/net.c
+--- bsd-finger-0.17/finger/net.c	Tue Sep 14 13:51:11 1999
++++ bsd-finger/finger/net.c	Fri Jan 26 20:08:21 2001
+@@ -1,3 +1,5 @@
++/* $USAGI: net.c,v 1.2 2000/11/17 08:00:44 yoshfuji Exp $ */
++
+ /*
+  * Copyright (c) 1989 The Regents of the University of California.
+  * All rights reserved.
+@@ -36,7 +38,7 @@
+ 
+ #ifndef lint
+ /*static char sccsid[] = "from: @(#)net.c	5.5 (Berkeley) 6/1/90";*/
+-char net_rcsid[] = "$Id: net.c,v 1.9 1999/09/14 10:51:11 dholland Exp $";
++char net_rcsid[] = "$Id: net.c,v 1.3 2001/01/26 18:08:21 yoshfuji Exp $";
+ #endif /* not lint */
+ 
+ #include <sys/types.h>
+@@ -53,18 +55,53 @@
+ 
+ void netfinger(const char *name) {
+ 	register FILE *fp;
+-	struct in_addr defaddr;
+ 	register int c, sawret, ateol;
++#ifdef INET6
++	struct addrinfo hints, *res0, *res;
++	int gai;
++#else
++	struct in_addr defaddr;
+ 	struct hostent *hp, def;
+ 	struct servent *sp;
+ 	struct sockaddr_in sn;
++	char *alist[1];
++#endif
+ 	int s;
+-	char *alist[1], *host;
++	char *host;
+ 
+ 	host = strrchr(name, '@');
+ 	if (!host) return;
+ 	*host++ = '\0';
+ 
++#ifdef INET6
++	memset(&hints, 0, sizeof(hints));
++	hints.ai_family = PF_UNSPEC;
++	hints.ai_socktype = SOCK_STREAM;
++	gai = getaddrinfo(host, "finger", &hints, &res0);
++	if (gai) {
++		eprintf("finger: %s: host '%s', service '%s'\n",
++			gai_strerror(gai), host, "finger");
++		return;
++	}
++	s = -1;
++	errno = 0;
++	for (res=res0; res; res=res->ai_next) {
++		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
++		if (s < 0)
++			continue;
++		if (connect(s, res->ai_addr, res->ai_addrlen) < 0){
++			close(s);
++			s = -1;
++			continue;
++		}
++		break;
++	}
++	freeaddrinfo(res0);
++	if (s < 0) {
++		eprintf("finger: cannot create socket / connet host\n");
++		return;
++	}
++#else
+ 	memset(&sn, 0, sizeof(sn));
+ 
+ 	sp = getservbyname("finger", "tcp");
+@@ -106,6 +143,7 @@
+ 		close(s);
+ 		return;
+ 	}
++#endif
+ 
+ 	/* -l flag for remote fingerd  */
+ 	if (lflag) write(s, "/W ", 3);
+diff -uNr bsd-finger-0.17/finger/sprint.c bsd-finger/finger/sprint.c
+--- bsd-finger-0.17/finger/sprint.c	Sun Dec 12 20:59:33 1999
++++ bsd-finger/finger/sprint.c	Fri Nov  3 21:18:15 2000
+@@ -36,7 +36,7 @@
+ 
+ #ifndef lint
+ /*static char sccsid[] = "from: @(#)sprint.c	5.8 (Berkeley) 12/4/90";*/
+-char sprint_rcsid[] = "$Id: sprint.c,v 1.10 1999/12/12 18:59:33 dholland Exp $";
++char sprint_rcsid[] = "$Id: sprint.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $";
+ #endif /* not lint */
+ 
+ #include <sys/types.h>
+diff -uNr bsd-finger-0.17/finger/util.c bsd-finger/finger/util.c
+--- bsd-finger-0.17/finger/util.c	Wed Sep 29 01:53:58 1999
++++ bsd-finger/finger/util.c	Fri Nov  3 21:18:15 2000
+@@ -36,7 +36,7 @@
+ 
+ #ifndef lint
+ /*static char sccsid[] = "from: @(#)util.c	5.14 (Berkeley) 1/17/91";*/
+-char util_rcsid[] = "$Id: util.c,v 1.18 1999/09/28 22:53:58 netbug Exp $";
++char util_rcsid[] = "$Id: util.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $";
+ #endif /* not lint */
+ 
+ #include <sys/types.h>
+diff -uNr bsd-finger-0.17/fingerd/CVS/Entries bsd-finger/fingerd/CVS/Entries
+--- bsd-finger-0.17/fingerd/CVS/Entries	Thu Jan  1 02:00:00 1970
++++ bsd-finger/fingerd/CVS/Entries	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1,6 @@
++/.cvsignore/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/Makefile/1.4/Sat Jan 27 05:57:07 2001//
++/fingerd.8/1.1.1.1/Fri Nov  3 19:18:15 2000//
++/fingerd.c/1.5/Sun Feb 11 09:33:52 2001//
++/pathnames.h/1.1.1.1/Fri Nov  3 19:18:15 2000//
++D
+diff -uNr bsd-finger-0.17/fingerd/CVS/Repository bsd-finger/fingerd/CVS/Repository
+--- bsd-finger-0.17/fingerd/CVS/Repository	Thu Jan  1 02:00:00 1970
++++ bsd-finger/fingerd/CVS/Repository	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1 @@
++usagi/src/bsd-finger/fingerd
+diff -uNr bsd-finger-0.17/fingerd/CVS/Root bsd-finger/fingerd/CVS/Root
+--- bsd-finger-0.17/fingerd/CVS/Root	Thu Jan  1 02:00:00 1970
++++ bsd-finger/fingerd/CVS/Root	Mon Feb 19 06:50:43 2001
+@@ -0,0 +1 @@
++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi
+diff -uNr bsd-finger-0.17/fingerd/Makefile bsd-finger/fingerd/Makefile
+--- bsd-finger-0.17/fingerd/Makefile	Sun Dec 12 20:04:57 1999
++++ bsd-finger/fingerd/Makefile	Sat Jan 27 07:57:07 2001
+@@ -9,7 +9,9 @@
+ fingerd.o: pathnames.h ../version.h
+ 
+ install: fingerd
++	install -d $(INSTALLROOT)$(SBINDIR)
+ 	install -s -m$(DAEMONMODE) fingerd $(INSTALLROOT)$(SBINDIR)/in.fingerd
++	install -d $(INSTALLROOT)$(MANDIR)/man8
+ 	install -m$(MANMODE) fingerd.8 $(INSTALLROOT)$(MANDIR)/man8/in.fingerd.8
+ 	ln -sf in.fingerd.8 $(INSTALLROOT)$(MANDIR)/man8/fingerd.8
+ 
+diff -uNr bsd-finger-0.17/fingerd/fingerd.8 bsd-finger/fingerd/fingerd.8
+--- bsd-finger-0.17/fingerd/fingerd.8	Mon Jul 31 02:56:57 2000
++++ bsd-finger/fingerd/fingerd.8	Fri Nov  3 21:18:15 2000
+@@ -30,7 +30,7 @@
+ .\" SUCH DAMAGE.
+ .\"
+ .\"     from: @(#)fingerd.8	6.4 (Berkeley) 3/16/91
+-.\"	$Id: fingerd.8,v 1.18 2000/07/30 23:56:57 dholland Exp $
++.\"	$Id: fingerd.8,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $
+ .\"
+ .Dd August 29, 1996
+ .Dt FINGERD 8
+diff -uNr bsd-finger-0.17/fingerd/fingerd.c bsd-finger/fingerd/fingerd.c
+--- bsd-finger-0.17/fingerd/fingerd.c	Sun Dec 12 20:46:28 1999
++++ bsd-finger/fingerd/fingerd.c	Sun Feb 11 11:33:52 2001
+@@ -1,3 +1,5 @@
++/* $USAGI: fingerd.c,v 1.3 2000/11/17 08:13:01 yoshfuji Exp $ */
++
+ /*
+  * Copyright (c) 1983 The Regents of the University of California.
+  * All rights reserved.
+@@ -39,7 +41,7 @@
+  * from: @(#)fingerd.c	5.6 (Berkeley) 6/1/90"
+  */
+ char rcsid[] = 
+-  "$Id: fingerd.c,v 1.23 1999/12/12 18:46:28 dholland Exp $";
++  "$Id: fingerd.c,v 1.5 2001/02/11 09:33:52 yoshfuji Exp $";
+ 
+ #include <pwd.h>
+ #include <grp.h>
+@@ -57,7 +59,11 @@
+ #include <sys/wait.h>
+ 
+ #include "pathnames.h"
++#ifdef _USAGI
++#include "version.h"
++#else
+ #include "../version.h"
++#endif
+ 
+ #define	ENTRIES	50
+ #define WS " \t\r\n"
+@@ -111,7 +117,11 @@
+ 	int k, nusers;
+ 	char *s, *t;
+ 	const char *fingerpath = NULL;
+-	struct sockaddr_in sn;
++#ifdef INET6
++	struct sockaddr_storage sn;
++#else
++	struct sockaddr sn;
++#endif
+ 	socklen_t sval = sizeof(sn);
+ 
+ 
+@@ -182,18 +192,35 @@
+ 
+ 	if (welcome) {
+ 		char buf[256];
++#ifdef INET6
++		struct addrinfo hints, *res0;
++#else
+ 		struct hostent *hp;
++#endif
+ 		struct utsname utsname;
++		const char *cname = buf;
+ 
+ 		uname(&utsname);
+ 		gethostname(buf, sizeof(buf));
++#ifdef INET6
++		memset(&hints, 0, sizeof(hints));
++		hints.ai_family = PF_UNSPEC;
++		hints.ai_flags = AI_CANONNAME;
++		if (getaddrinfo(buf, NULL, &hints, &res0)) {
++			/* paranoia: dns spoofing? */
++			cname = res0->ai_canonname;
++		}
++#else
+ 		if ((hp = gethostbyname(buf))) {
+ 			/* paranoia: dns spoofing? */
+-			strncpy(buf, hp->h_name, sizeof(buf));
+-			buf[sizeof(buf)-1] = 0;
++			cname = hp->h_name;
+ 		}
++#endif
+ 		printf("\r\nWelcome to %s version %s at %s !\r\n\n",
+-				utsname.sysname, utsname.release, buf);
++				utsname.sysname, utsname.release, cname);
++#ifdef INET6
++		freeaddrinfo(res0);
++#endif
+ 		fflush(stdout);
+ 		switch (fork()) {
+ 		 case -1: /* fork failed, oh well */
+diff -uNr bsd-finger-0.17/fingerd/pathnames.h bsd-finger/fingerd/pathnames.h
+--- bsd-finger-0.17/fingerd/pathnames.h	Sun Jul 14 02:21:42 1996
++++ bsd-finger/fingerd/pathnames.h	Fri Nov  3 21:18:15 2000
+@@ -31,7 +31,7 @@
+  * SUCH DAMAGE.
+  *
+  *	from: @(#)pathnames.h	5.3 (Berkeley) 6/1/90
+- *	$Id: pathnames.h,v 1.3 1996/07/13 23:21:42 dholland Exp $
++ *	$Id: pathnames.h,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $
+  */
+ 
+ /*
diff --git a/source/n/bsd-finger/bsd-finger-0.17-utmp.patch b/source/n/bsd-finger/bsd-finger-0.17-utmp.patch
new file mode 100644
index 000000000..ac73f2be1
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-0.17-utmp.patch
@@ -0,0 +1,40 @@
+--- bsd-finger-0.17/finger/finger.c.utmp	2004-06-15 11:38:24.000000000 -0400
++++ bsd-finger-0.17/finger/finger.c	2004-06-15 12:22:15.000000000 -0400
+@@ -75,6 +75,8 @@
+ #include <limits.h>
+ #include <time.h>
+ #include <getopt.h>
++#include <signal.h>
++#include <errno.h>
+ #include "finger.h"
+ #ifdef _USAGI
+ #include "version.h"
+@@ -224,6 +226,8 @@
+ #ifdef USER_PROCESS
+ 		if (uptr->ut_type != USER_PROCESS) continue;
+ #endif
++		if (kill(uptr->ut_pid, 0) < 0 && errno == ESRCH)
++			continue;
+ 		if ((pn = find_person(uptr->ut_name)) == NULL) {
+ 			memcpy(name, uptr->ut_name, UT_NAMESIZE);
+ 			if ((pw = getpwnam(name)) == NULL)
+@@ -331,6 +335,8 @@
+ #ifdef USER_PROCESS
+ 		if (uptr->ut_type != USER_PROCESS) continue;
+ #endif
++		if (kill(uptr->ut_pid, 0) < 0 && errno == ESRCH)
++			continue;
+ 		if ((pn = find_person(uptr->ut_name)) == NULL) {
+ 			continue;
+ 		}
+--- bsd-finger-0.17/finger/util.c.utmp	2004-06-15 11:38:24.000000000 -0400
++++ bsd-finger-0.17/finger/util.c	2004-06-15 11:38:24.000000000 -0400
+@@ -71,6 +71,8 @@
+ 	}
+ 	snprintf(tbuf, TBUFLEN, "%s/%s", _PATH_DEV, w->tty);
+ 	if (stat(tbuf, &sb) < 0) {
++	    w->idletime = 0;  /* No tty no write, no idle data */
++	    w->writable = 0;
+ 	    switch (errno) {
+ 	    case ENOENT:
+ 		break;
diff --git a/source/n/bsd-finger/bsd-finger-wide-char-support5.patch b/source/n/bsd-finger/bsd-finger-wide-char-support5.patch
new file mode 100644
index 000000000..9a8a2d515
--- /dev/null
+++ b/source/n/bsd-finger/bsd-finger-wide-char-support5.patch
@@ -0,0 +1,170 @@
+--- bsd-finger-0.17/finger/finger.c.widechar	2005-12-15 09:14:18.000000000 +0100
++++ bsd-finger-0.17/finger/finger.c	2005-12-15 09:14:18.000000000 +0100
+@@ -77,6 +77,7 @@
+ #include <getopt.h>
+ #include <signal.h>
+ #include <errno.h>
++#include <locale.h>
+ #include "finger.h"
+ #ifdef _USAGI
+ #include "version.h"
+@@ -211,6 +212,9 @@
+	struct utmp *uptr;
+	char name[UT_NAMESIZE + 1];
+
++	if (setlocale (LC_ALL, "") != NULL)
++		set_haslocale();
++
+	name[UT_NAMESIZE] = '\0';
+
+	/*
+@@ -286,6 +287,9 @@
+ 	struct utmp *uptr;
+ 	int dolocal, *used;
+ 
++	if (setlocale (LC_ALL, "") != NULL)
++		set_haslocale();
++
+ 	used = calloc(argc, sizeof(int));
+ 	if (!used) {
+ 		eprintf("finger: out of space.\n");
+--- bsd-finger-0.17/finger/finger.h.widechar	2005-12-15 09:14:17.000000000 +0100
++++ bsd-finger-0.17/finger/finger.h	2005-12-15 09:14:18.000000000 +0100
+@@ -117,3 +117,7 @@
+ /* terminal inquiries */
+ int is8bit(void);
+ int getscreenwidth(void);
++
++/* locale support */
++void set_haslocale(void);
++
+--- bsd-finger-0.17/finger/display.c.widechar	1999-09-29 00:53:58.000000000 +0200
++++ bsd-finger-0.17/finger/display.c	2005-12-15 10:05:40.000000000 +0100
+@@ -40,8 +40,19 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <stdarg.h>
++#include <inttypes.h>
+ #include "finger.h"
+ 
++#define HAVE_WCHAR_H 1
++#define HAVE_MBRTOWC 1
++#define HAVE_WCWIDTH 1
++
++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH)
++#include <wchar.h>
++#include <wctype.h>
++#include <assert.h>
++#endif
++
+ int
+ getscreenwidth(void)
+ {
+@@ -147,9 +158,105 @@
+ 	fxputc(stdout, ch);
+ }
+ 
++static int has_locale = 0;
++
++void
++set_haslocale (void)
++{
++	has_locale = 1;
++}
++
++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH)
++static int verifymultibyte(const char *buf) {
++	mbstate_t state;
++	wchar_t nextchar;
++	size_t bytesconsumed;
++	char *eop, *op;
++	(void)memset(&state, 0, sizeof(mbstate_t));
++
++	eop = (char *) (buf + strlen(buf));
++	op = (char *) buf;
++	while (op < eop) {
++		bytesconsumed = mbrtowc(&nextchar, op, eop - op, &state);
++		if (bytesconsumed == (size_t)(-1) ||
++		    bytesconsumed == (size_t)(-2)) {
++			return 0;
++		}
++		op += bytesconsumed;
++	}
++
++	return 1;
++}
++
++#define OCTALIFY(n, o) \
++	*(n)++ = '\\', \
++	*(n)++ = (((uint32_t)*(o) >> 6) & 3) + '0', \
++	*(n)++ = (((uint32_t)*(o) >> 3) & 7) + '0', \
++	*(n)++ = (((uint32_t)*(o) >> 0) & 7) + '0', \
++	(o)++
++
++#endif
++
+ static void fxputs(FILE *f, const char *buf) {
+-	int i;
+-	for (i=0; buf[i]; i++) fxputc(f, buf[i]);
++	int widechars;
++
++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH)
++	if (has_locale)
++		widechars = verifymultibyte (buf);
++	else
++		widechars = 0;
++#else
++	widechars = 0;
++#endif
++
++	/* on 7-bit terminals, without wide-chars support, or string
++	 * isn't parseable, print char * by char */
++	if (!is8bit() || !widechars) {
++		unsigned int i;
++		char ch;
++		for (i = 0; i < strlen (buf); i++) {
++			ch = buf[i];
++			fxputc(f, ch);
++		}
++		return;
++	}
++
++#if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH)
++	{
++		mbstate_t state;
++		wchar_t nextchar;
++		size_t bytesconsumed;
++		char *eop, *op, buffer[256];
++		(void)memset(&state, 0, sizeof(mbstate_t));
++		char* op1;
++		eop = (char *) (buf + strlen(buf));
++		op = (char *) buf;
++		op1 = op;
++		while (op < eop) {
++			bytesconsumed = mbrtowc(&nextchar, op,
++					eop - op, &state);
++			/* This isn't supposed to happen as we verified the
++			 * string before hand */
++			assert(bytesconsumed != (size_t)(-1) && bytesconsumed != (size_t)(-2));
++
++			if (iswprint(nextchar)) {
++				(void)memcpy(buffer, op, bytesconsumed);
++				buffer[bytesconsumed] = '\0';
++				op += bytesconsumed;
++			} else if (bytesconsumed == 1) {
++				op++;
++			} else {
++				char *tmp;
++				tmp = buffer;
++				buffer[bytesconsumed] = '\0';
++				while (bytesconsumed-- > 0) {
++					OCTALIFY(tmp, op);
++				}
++			}
++		}
++		fprintf(f,"%s",op1);
++	}
++#endif
+ }
+ 
+ int xprintf(const char *fmt, ...) {
diff --git a/source/n/bsd-finger/bsd-finger.SlackBuild b/source/n/bsd-finger/bsd-finger.SlackBuild
index 214470278..62f4b7a4b 100755
--- a/source/n/bsd-finger/bsd-finger.SlackBuild
+++ b/source/n/bsd-finger/bsd-finger.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,13 +20,31 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=0.17
-ARCH=${ARCH:-x86_64}
-BUILD=${BUILD:-1}
+PKGNAM=bsd-finger
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-3}
 
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$(uname -m)" in
+    i?86) ARCH=i586 ;;
+    arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+    *) ARCH=$(uname -m) ;;
+  esac
+  export ARCH
+fi
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-bsd-finger
 
@@ -34,12 +52,30 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 
 cd $TMP
+rm -rf bsd-finger-$VERSION
 tar xvf $CWD/bsd-finger-$VERSION.tar.gz || exit 1
 cd bsd-finger-$VERSION || exit 1
+
 chown -R root:root .
-zcat $CWD/bsd-finger-0.17.diff.gz | patch -p1 || exit
-./configure --prefix=/usr
+
+zcat $CWD/bsd-finger-0.17.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.16-allocbroken.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.16-pts.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-coverity-bugs.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-exact.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-host-info.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-init-realname.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-match_sigsegv.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-rfc742.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-time.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-usagi-ipv6.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-0.17-utmp.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/bsd-finger-wide-char-support5.patch.gz | patch -p1 --verbose || exit 1
+
+./configure --prefix=/usr || exit 1
+
 make || exit 1
+
 cd finger
 strip finger
 mkdir -p $PKG/usr/bin
diff --git a/source/n/bsd-finger/slack-desc b/source/n/bsd-finger/slack-desc
index d3b9ea63a..8ed6719d4 100644
--- a/source/n/bsd-finger/slack-desc
+++ b/source/n/bsd-finger/slack-desc
@@ -1,14 +1,14 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
           |-----handy-ruler------------------------------------------------------|
 bsd-finger: bsd-finger (user information lookup program)
 bsd-finger:
-bsd-finger: The finger displays information about the system users.  Finger
+bsd-finger: The finger displays information about the system users. Finger
 bsd-finger: displays the user's login name, real name, terminal name and write
 bsd-finger: status (as a ``*'' after the terminal name if write permission is
 bsd-finger: denied), idle time, login time, office location and office phone
diff --git a/source/n/ca-certificates/ca-certificates.SlackBuild b/source/n/ca-certificates/ca-certificates.SlackBuild
index 4f2f2def3..54747d557 100755
--- a/source/n/ca-certificates/ca-certificates.SlackBuild
+++ b/source/n/ca-certificates/ca-certificates.SlackBuild
@@ -1,9 +1,9 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for ca-certificates
 
 # Copyright 2009,2011  Robby Workman  Northport, AL, USA
-# Copyright 2012, 2013, 2015, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2012, 2013, 2015, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -23,12 +23,23 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=ca-certificates
-VERSION=${VERSION:-20160104}
+VERSION=${VERSION:-20180409}
 ARCH=noarch
 BUILD=${BUILD:-1}
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+TARVERSION=${VERSION}
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -41,10 +52,10 @@ cd $TMP
 rm -rf $PKGNAM $PKGNAM-$VERSION
 
 # Extract the tarball:
-tar xvf $CWD/${PKGNAM}_$VERSION.tar.?z || exit 1
+tar xvf $CWD/${PKGNAM}_$TARVERSION.tar.?z || exit 1
 
 # Again, both $PKGNAM and $PKGNAM-$VERSION are needed here:
-cd $PKGNAM || cd $PKGNAM-$VERSION || exit 1
+cd $PKGNAM-$VERSION 2> /dev/null || cd $PKGNAM || exit 1
 
 chown -R root:root .
 find . \
diff --git a/source/n/ca-certificates/slack-desc b/source/n/ca-certificates/slack-desc
index c302e8283..0ccfdb193 100644
--- a/source/n/ca-certificates/slack-desc
+++ b/source/n/ca-certificates/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                |-----handy-ruler-----------------------------------------------------|
diff --git a/source/n/cifs-utils/cifs-utils-6.7-talloc.patch b/source/n/cifs-utils/cifs-utils-6.7-talloc.patch
new file mode 100644
index 000000000..7e3418631
--- /dev/null
+++ b/source/n/cifs-utils/cifs-utils-6.7-talloc.patch
@@ -0,0 +1,29 @@
+https://bugs.gentoo.org/show_bug.cgi?id=612018
+
+From: Thomas Witt <pyromaniac@exherbo.org>
+Date: Wed, 15 Mar 2017 20:20:44 +0000 (+0000)
+Subject: mount.cifs: Remove data_blob.h include
+X-Git-Url: https://git.samba.org/?p=cifs-utils.git;a=commitdiff_plain;h=272d523a57a4e8791d625a479128613be5e401f5
+
+mount.cifs: Remove data_blob.h include
+
+data_blob.h includes talloc.h from libtalloc, but that is only marked as
+a dependency for cifs.upcall. No symbols from that header are used by
+cifs.mount, so remove it to avoid the libtalloc dependency
+
+Signed-off-by: Thomas Witt <pyromaniac@exherbo.org>
+---
+
+diff --git a/mount.cifs.c b/mount.cifs.c
+index 13b71ef..2612feb 100644
+--- a/mount.cifs.c
++++ b/mount.cifs.c
+@@ -61,7 +61,6 @@
+ #include "mount.h"
+ #include "util.h"
+ #include "resolve_host.h"
+-#include "data_blob.h"
+
+ #ifndef MS_MOVE
+ #define MS_MOVE 8192
+
diff --git a/source/n/cifs-utils/cifs-utils.SlackBuild b/source/n/cifs-utils/cifs-utils.SlackBuild
index 20871fb7b..09920214a 100755
--- a/source/n/cifs-utils/cifs-utils.SlackBuild
+++ b/source/n/cifs-utils/cifs-utils.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2012  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2012, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,6 +20,7 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=cifs-utils
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
@@ -36,6 +37,14 @@ if [ -z "$ARCH" ]; then
   export ARCH
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -61,7 +70,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -80,6 +88,13 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+# data_blob.h is only needed for cifs_upcall, which we don't have due
+# to lack of krb5, so let's unfail the build 
+zcat $CWD/cifs-utils-6.7-talloc.patch.gz | patch -p1 --verbose || exit 1
+
+# Sigh.
+autoreconf -vif
+
 # Configure:
 CFLAGS="$SLKCFLAGS" \
 ./configure \
diff --git a/source/n/cifs-utils/slack-desc b/source/n/cifs-utils/slack-desc
index ff9ba3e82..50f801ba9 100644
--- a/source/n/cifs-utils/slack-desc
+++ b/source/n/cifs-utils/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
           |-----handy-ruler------------------------------------------------------|
 cifs-utils: cifs-utils (CIFS filesystem utilities)
 cifs-utils:
 cifs-utils: This is the release version of cifs-utils, a package of utilities for
-cifs-utils: doing and managing mounts of the Linux CIFS filesystem.  The in-kernel
+cifs-utils: doing and managing mounts of the Linux CIFS filesystem. The in-kernel
 cifs-utils: CIFS filesystem is generally the preferred method for mounting
-cifs-utils: SMB/CIFS shares on Linux.  This filesystem relies on a set of
+cifs-utils: SMB/CIFS shares on Linux. This filesystem relies on a set of
 cifs-utils: user-space tools that were originally part of Samba, but have now been
 cifs-utils: split off into this separate package.
 cifs-utils:
-cifs-utils: Home page:  http://wiki.samba.org/index.php/LinuxCIFS_utils
+cifs-utils: Home page: http://wiki.samba.org/index.php/LinuxCIFS_utils
 cifs-utils:
diff --git a/source/n/conntrack-tools/conntrack-tools.SlackBuild b/source/n/conntrack-tools/conntrack-tools.SlackBuild
index 2af5957e3..5221d3ca4 100755
--- a/source/n/conntrack-tools/conntrack-tools.SlackBuild
+++ b/source/n/conntrack-tools/conntrack-tools.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for conntrack-tools
 
@@ -22,8 +22,10 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=conntrack-tools
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -38,7 +40,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -60,7 +69,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
diff --git a/source/n/conntrack-tools/slack-desc b/source/n/conntrack-tools/slack-desc
index 15726e0ed..d0b4d65b9 100644
--- a/source/n/conntrack-tools/slack-desc
+++ b/source/n/conntrack-tools/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
                |-----handy-ruler------------------------------------------------------|
@@ -15,5 +15,5 @@ conntrack-tools:
 conntrack-tools: The conntrack-tools include the userspace daemon conntrackd 
 conntrack-tools: and the command line interface conntrack.
 conntrack-tools:
-conntrack-tools:
+conntrack-tools: Homepage: https://www.netfilter.org/projects/conntrack-tools
 conntrack-tools:
diff --git a/source/n/crda/crda.SlackBuild b/source/n/crda/crda.SlackBuild
index 20c96fac5..abd2e2a7c 100755
--- a/source/n/crda/crda.SlackBuild
+++ b/source/n/crda/crda.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2009  Robby Workman, Northport, AL, USA
-# Copyright 2009, 2010, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2009, 2010, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,9 +21,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=crda
 VERSION=${VERSION:-3.18}
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-7}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,9 +37,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-REGDBVERS=2016.02.08
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+REGDBVERS=2018.05.09
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-crda
 
@@ -71,12 +80,12 @@ find . \
  -exec chmod 644 {} \;
 
 # If this isn't installed on the system, crda will not build:
-mkdir -p /usr/lib/crda
-cat regulatory.bin > /usr/lib/crda/regulatory.bin
+make install MANDIR=/usr/man || exit 1
+
+# Install to the package directory:
+make install DESTDIR=$PKG MANDIR=/usr/man || exit 1
 
-mkdir -p $PKG/usr/lib/crda $PKG/usr/man/man5 $PKG/usr/doc/crda-$VERSION/regdb
-cat regulatory.bin > $PKG/usr/lib/crda/regulatory.bin
-gzip -9c regulatory.bin.5 > $PKG/usr/man/man5/regulatory.bin.5.gz
+mkdir -p $PKG/usr/doc/crda-$VERSION/regdb
 cp -a LICENSE README db.txt $PKG/usr/doc/crda-$VERSION/regdb
 
 # Now we'll do crda itself
@@ -91,16 +100,17 @@ find . \
  \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
  -exec chmod 644 {} \;
 
-# There's some weirdness going on here, but this seems to fix it:
-make ; make clean ; make
+# This thing uses our CFLAGS on its own, but if we specify them,
+# it fails to build. The build failure is wacky, as if it's not
+# linking libnl into crda.o -- the detection for libnl is broken,
+# but even if it's fixed, the errors still occur. This works, so...
+sed -i -e "s,-Werror ,,g" -e "s,fpic,fPIC,g" Makefile
 
 make \
-  CFLAGS="$SLKCFLAGS" \
   MANDIR=/usr/man \
   LIBDIR=/usr/lib${LIBDIRSUFFIX} \
   || exit 1
 make install \
-  CFLAGS="$SLKCFLAGS" \
   MANDIR=/usr/man \
   LIBDIR=/usr/lib${LIBDIRSUFFIX} \
   DESTDIR=$PKG \
diff --git a/source/n/crda/crda.url b/source/n/crda/crda.url
new file mode 100644
index 000000000..29d4e08e3
--- /dev/null
+++ b/source/n/crda/crda.url
@@ -0,0 +1 @@
+https://www.kernel.org/pub/software/network/crda/
diff --git a/source/n/crda/slack-desc b/source/n/crda/slack-desc
index d6c211275..794493d70 100644
--- a/source/n/crda/slack-desc
+++ b/source/n/crda/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
@@ -11,9 +11,9 @@ crda:
 crda: This is the Central Regulatory Domain Agent for Linux. 
 crda: It serves one purpose: tell the Linux kernel what to enforce. 
 crda: In essence, it is a udev helper for communication between
-crda: the kernel and userspace.  
+crda: the kernel and userspace. 
 crda: 
 crda: You only need to run this manually for debugging purposes.
 crda: 
-crda: http://wireless.kernel.org/download/crda/
+crda: Homepage: http://wireless.kernel.org
 crda: 
diff --git a/source/n/crda/wireless-regdb-2016.02.08.tar.sign b/source/n/crda/wireless-regdb-2016.02.08.tar.sign
deleted file mode 100644
index e10b13801..000000000
--- a/source/n/crda/wireless-regdb-2016.02.08.tar.sign
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAABCgAGBQJWuK7SAAoJEKtIAKYtufc6M0wQALm4zNeA/UlubfDeMjtLxDWb
-7b/SHnjzZ0KIOA52Ysqns4hvAdrzqNyHuT+9a6tBKZQLB5ZHnXSGdEZtznsjXnM1
-UcrIC6X0u1CLL1HE+JA+OTjDfJjBreKTlF2aX35DjsIc2kR0NYkF4qkFCeYHvn/n
-y+9YEF2VYkzxOkrX2B4aX2j4ncWA0vub11NoHdthzavPng8UJz91x9pu/8N2HzoC
-h64jqDZK5YBdc6SE+CS/QEMlnMmizf560rsTxFR4m6drDBJGnOYJbRsi784AZf/R
-HLJvzmou4BxKNTrFIkaE9CNgV3MHOaBB7NrvjgcoHCZI9Y9CQLZGJbPagLQ2KW0g
-q6TOBqi3eKmE1PbtEi8jkHME6CYFk5R2NJyKQmVDyKp37nzX6lrk+7lfoqpQ7Pmr
-fUNBCZoGGTLP9qV0fIRBk1pyIc2fXzXmSrh5v5GUzXRSFN6U4V6iKG1KqPVe6H7J
-OqPwfMWQhCaK2e+/qXHb068oOnxOKhnw6ucDyq2qZVaWy8qKuJZ/EGWFMgWEo6/H
-j9fReRc1k0/z5QFBRZ7tuqxTdquWO0Xsn5MvUbZA43Bi3CEAgxZoWmU7GxjW0Qh0
-8hu7Tyk58qqgyrpXUM3ccWJJ8wLK6kcdvtiRt9x5xavr4/2hdHb764HBtb0HdueK
-4FghlQ8df3rH5pX3QxkH
-=6hY4
------END PGP SIGNATURE-----
diff --git a/source/n/crda/wireless-regdb-2018.05.09.tar.sign b/source/n/crda/wireless-regdb-2018.05.09.tar.sign
new file mode 100644
index 000000000..c4d8ed0ab
--- /dev/null
+++ b/source/n/crda/wireless-regdb-2018.05.09.tar.sign
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEkJ7fqygL5xE8uB3PUwOZruX0MckFAlrzAPEACgkQUwOZruX0
+MckmAAf/UH+XSV3fFCLAPjD1VaXp6gtO1+98EO7HQsOxR0X3LxY86VDyy4O2/2/b
+Kyb9oYDP0vFM0/d0qwOjHiZuRRGU4Lzsf5eOdRv2GMJUgSRiFmW6RvX6bWmPUNyl
+WOR1SHW3C/fNxjBoeYF2hPjw0omn9nwblG4I+8tHbCJZ7jyHGx1lKUx5FpjJvALm
+tR8djN6VymsIw5fjuKfjO82pBqyuK/qv52RGUTKi0HhzZpTyOJ+3oyCctiCQLC92
+7JjPT+BV7qfkNW7OPOLSGq3orIhhX7asSvBtrnUTewEObwWuuFXdBWAIpSlPjwpz
+XIbKXIssyz6u3RCkpjWvZOLt5qsxEA==
+=rQKU
+-----END PGP SIGNATURE-----
diff --git a/source/n/crda/wireless-regdb.url b/source/n/crda/wireless-regdb.url
new file mode 100644
index 000000000..a795b6947
--- /dev/null
+++ b/source/n/crda/wireless-regdb.url
@@ -0,0 +1 @@
+http://kernel.org/pub/software/network/wireless-regdb/
diff --git a/source/n/curl/cacert.pem b/source/n/curl/cacert.pem
index c15368bdc..45654c0b9 100644
--- a/source/n/curl/cacert.pem
+++ b/source/n/curl/cacert.pem
@@ -1,20 +1,20 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Wed Apr 20 03:12:05 2016
+## Certificate data from Mozilla as of: Wed Mar  7 04:12:06 2018 GMT
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
 ## file (certdata.txt).  This file can be found in the mozilla source tree:
-## http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
+## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt
 ##
 ## It contains the certificates in PEM format and therefore
 ## can be directly used with curl / libcurl / php_curl, or with
 ## an Apache+mod_ssl webserver for SSL client authentication.
 ## Just configure this file as the SSLCACertificateFile.
 ##
-## Conversion done with mk-ca-bundle.pl version 1.25.
-## SHA1: 5df367cda83086392e1acdf22bfef00c48d5eba6
+## Conversion done with mk-ca-bundle.pl version 1.27.
+## SHA256: 704f02707ec6b4c4a7597a8c6039b020def11e64f3ef0605a9c3543d48038a57
 ##
 
 
@@ -130,30 +130,6 @@ Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H
 RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 -----END CERTIFICATE-----
 
-AddTrust Low-Value Services Root
-================================
------BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRU
-cnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQsw
-CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBO
-ZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY6
-54eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWr
-oulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1
-Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJui
-GMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8w
-HQYDVR0OBBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTAD
-AQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQswCQYDVQQGEwJT
-RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEw
-HwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxt
-ZBsfzQ3duQH6lmM0MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph
-iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY
-eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJlpz/+0WatC7xr
-mYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vj
-ccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk=
------END CERTIFICATE-----
-
 AddTrust External Root
 ======================
 -----BEGIN CERTIFICATE-----
@@ -178,54 +154,6 @@ e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4u
 G+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
 -----END CERTIFICATE-----
 
-AddTrust Public Services Root
-=============================
------BEGIN CERTIFICATE-----
-MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSAwHgYDVQQDExdBZGRU
-cnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJ
-BgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5l
-dHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbu
-nyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1i
-d9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSG
-Aa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAw
-HM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0G
-A1UdDgQWBBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
-/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkGA1UEBhMCU0Ux
-FDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29yazEgMB4G
-A1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4
-JNojVhaTdt02KLmuG7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL
-+YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao
-GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh4SINhwBk/ox9
-Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9H
-EufOX1362KqxMy3ZdvJOOjMMK7MtkAY=
------END CERTIFICATE-----
-
-AddTrust Qualified Certificates Root
-====================================
------BEGIN CERTIFICATE-----
-MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEUMBIGA1UEChML
-QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSMwIQYDVQQDExpBZGRU
-cnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcx
-CzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ
-IE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx
-64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3
-KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1o
-L/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR
-wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HU
-MIHRMB0GA1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/
-BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkwZzELMAkGA1UE
-BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29y
-azEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQAD
-ggEBABmrder4i2VhlRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG
-GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X
-dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3P6CxB9bpT9ze
-RXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDB
-iFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5noxqE=
------END CERTIFICATE-----
-
 Entrust Root Certification Authority
 ====================================
 -----BEGIN CERTIFICATE-----
@@ -252,27 +180,6 @@ W3iDVuycNsMm4hH2Z0kdkquM++v/eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0
 tHuu2guQOHXvgR1m0vdXcDazv/wor3ElhVsT/h5/WrQ8
 -----END CERTIFICATE-----
 
-RSA Security 2048 v3
-====================
------BEGIN CERTIFICATE-----
-MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6MRkwFwYDVQQK
-ExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJpdHkgMjA0OCBWMzAeFw0wMTAy
-MjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAXBgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAb
-BgNVBAsTFFJTQSBTZWN1cml0eSAyMDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAt49VcdKA3XtpeafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37RqtBaB4Y6lXIL5F4iSj7
-Jylg/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E0S1PRsNO3Ng3OTsor8udGuorryGlwSMiuLgb
-WhOHV4PR8CDn6E8jQrAApX2J6elhc5SYcSa8LWrg903w8bYqODGBDSnhAMFRD0xS+ARaqn1y07iH
-KrtjEAMqs6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2PcYJk5qjEoAAVZkZR73QpXzDuvsf9/UP
-+Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpuAWgXIszACwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/
-MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4E
-FgQUB8NRMKSq6UWuNST6/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYcHnmY
-v/3VEhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/Zb5gEydxiKRz44Rj
-0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+f00/FGj1EVDVwfSQpQgdMWD/YIwj
-VAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJqaHVOrSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395
-nzIlQnQFgCi/vcEkllgVsRch6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kA
-pKnXwiJPZ9d37CAFYd4=
------END CERTIFICATE-----
-
 GeoTrust Global CA
 ==================
 -----BEGIN CERTIFICATE-----
@@ -294,27 +201,6 @@ XE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm
 Mw==
 -----END CERTIFICATE-----
 
-GeoTrust Global CA 2
-====================
------BEGIN CERTIFICATE-----
-MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN
-R2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwHhcNMDQwMzA0MDUw
-MDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j
-LjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQDvPE1APRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/
-NTL8Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hLTytCOb1k
-LUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL5mkWRxHCJ1kDs6ZgwiFA
-Vvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7S4wMcoKK+xfNAGw6EzywhIdLFnopsk/b
-HdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQF
-MAMBAf8wHQYDVR0OBBYEFHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNH
-K266ZUapEBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6tdEPx7
-srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv/NgdRN3ggX+d6Yvh
-ZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywNA0ZF66D0f0hExghAzN4bcLUprbqL
-OzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkC
-x1YAzUm5s2x7UwQa4qjJqhIFI8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqF
-H4z1Ir+rzoPz4iIprn2DQKi6bA==
------END CERTIFICATE-----
-
 GeoTrust Universal CA
 =====================
 -----BEGIN CERTIFICATE-----
@@ -397,25 +283,6 @@ YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
 398znM/jra6O1I7mT1GvFpLgXPYHDw==
 -----END CERTIFICATE-----
 
-Certum Root CA
-==============
------BEGIN CERTIFICATE-----
-MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQK
-ExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQTAeFw0wMjA2MTExMDQ2Mzla
-Fw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u
-by4xEjAQBgNVBAMTCUNlcnR1bSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6x
-wS7TT3zNJc4YPk/EjG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdL
-kKWoePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GIULdtlkIJ
-89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapuOb7kky/ZR6By6/qmW6/K
-Uz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUgAKpoC6EahQGcxEZjgoi2IrHu/qpGWX7P
-NSzVttpd90gzFFS269lvzs2I1qsb2pY7HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq
-hkiG9w0BAQUFAAOCAQEAuI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+
-GXYkHAQaTOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTgxSvg
-GrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1qCjqTE5s7FCMTY5w/
-0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5xO/fIR/RpbxXyEV6DHpx8Uq79AtoS
-qFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs6GAqm4VKQPNriiTsBhYscw==
------END CERTIFICATE-----
-
 Comodo AAA Services root
 ========================
 -----BEGIN CERTIFICATE-----
@@ -440,56 +307,6 @@ Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z
 12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
 -----END CERTIFICATE-----
 
-Comodo Secure Services root
-===========================
------BEGIN CERTIFICATE-----
-MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS
-R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg
-TGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAw
-MDAwMFoXDTI4MTIzMTIzNTk1OVowfjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFu
-Y2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAi
-BgNVBAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPMcm3ye5drswfxdySRXyWP
-9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3SHpR7LZQdqnXXs5jLrLxkU0C8j6ysNstc
-rbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rC
-oznl2yY4rYsK7hljxxwk3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3V
-p6ea5EQz6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNVHQ4E
-FgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
-gYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1NlY3VyZUNlcnRpZmlj
-YXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRwOi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlm
-aWNhdGVTZXJ2aWNlcy5jcmwwDQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm
-4J4oqF7Tt/Q05qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj
-Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtIgKvcnDe4IRRL
-DXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJaD61JlfutuC23bkpgHl9j6Pw
-pCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDlizeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1H
-RR3B7Hzs/Sk=
------END CERTIFICATE-----
-
-Comodo Trusted Services root
-============================
------BEGIN CERTIFICATE-----
-MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS
-R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg
-TGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEw
-MDAwMDBaFw0yODEyMzEyMzU5NTlaMH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h
-bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUw
-IwYDVQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh7
-3TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y
-/9c3S0pgePfw+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6
-juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsS
-ivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0GA1Ud
-DgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
-/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21vZG9jYS5jb20vVHJ1c3RlZENlcnRp
-ZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENl
-cnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8Ntw
-uleGFTQQuS9/HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32
-pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxISjBc/lDb+XbDA
-BHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+xqFx7D+gIIxmOom0jtTYsU0l
-R+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/AtyjcndBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O
-9y5Xt5hwXsjEeLBi
------END CERTIFICATE-----
-
 QuoVadis Root CA
 ================
 -----BEGIN CERTIFICATE-----
@@ -629,86 +446,6 @@ EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH
 llpwrN9M
 -----END CERTIFICATE-----
 
-UTN USERFirst Hardware Root CA
-==============================
------BEGIN CERTIFICATE-----
-MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UE
-BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl
-IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAd
-BgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgx
-OTIyWjCBlzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0
-eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVz
-ZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlI
-wrthdBKWHTxqctU8EGc6Oe0rE81m65UJM6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFd
-tqdt++BxF2uiiPsA3/4aMXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8
-i4fDidNdoI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqIDsjf
-Pe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9KsyoUhbAgMBAAGjgbkw
-gbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKFyXyYbKJhDlV0HN9WF
-lp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNF
-UkZpcnN0LUhhcmR3YXJlLmNybDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUF
-BwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
-//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28GpgoiskliCE7/yMgUsogW
-XecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gECJChicsZUN/KHAG8HQQZexB2
-lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kn
-iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67
-nfhmqA==
------END CERTIFICATE-----
-
-Camerfirma Chambers of Commerce Root
-====================================
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe
-QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i
-ZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAx
-NjEzNDNaFw0zNzA5MzAxNjEzNDRaMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZp
-cm1hIFNBIENJRiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn
-MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0BAQEFAAOC
-AQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtbunXF/KGIJPov7coISjlU
-xFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0dBmpAPrMMhe5cG3nCYsS4No41XQEMIwRH
-NaqbYE6gZj3LJgqcQKH0XZi/caulAGgq7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jW
-DA+wWFjbw2Y3npuRVDM30pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFV
-d9oKDMyXroDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIGA1Ud
-EwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5jaGFtYmVyc2lnbi5v
-cmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p26EpW1eLTXYGduHRooowDgYDVR0P
-AQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hh
-bWJlcnNpZ24ub3JnMCcGA1UdEgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYD
-VR0gBFEwTzBNBgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz
-aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEBAAxBl8IahsAi
-fJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZdp0AJPaxJRUXcLo0waLIJuvvD
-L8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wN
-UPf6s+xCX6ndbcj0dc97wXImsQEcXCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/n
-ADydb47kMgkdTXg0eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1
-erfutGWaIZDgqtCYvDi1czyL+Nw=
------END CERTIFICATE-----
-
-Camerfirma Global Chambersign Root
-==================================
------BEGIN CERTIFICATE-----
-MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe
-QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i
-ZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYx
-NDE4WhcNMzcwOTMwMTYxNDE4WjB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt
-YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEg
-MB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAw
-ggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0Mi+ITaFgCPS3CU6gSS9J
-1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/sQJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8O
-by4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpVeAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl
-6DJWk0aJqCWKZQbua795B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c
-8lCrEqWhz0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0TAQH/
-BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1iZXJzaWduLm9yZy9j
-aGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4wTcbOX60Qq+UDpfqpFDAOBgNVHQ8B
-Af8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBj
-aGFtYmVyc2lnbi5vcmcwKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9y
-ZzBbBgNVHSAEVDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh
-bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEA
-PDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUMbKGKfKX0j//U2K0X1S0E0T9Y
-gOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXiryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJ
-PJ7oKXqJ1/6v/2j1pReQvayZzKWGVwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4
-IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes
-t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
------END CERTIFICATE-----
-
 XRamp Global CA Root
 ====================
 -----BEGIN CERTIFICATE-----
@@ -781,47 +518,6 @@ KVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3
 QBFGmh95DmK/D5fs4C8fF5Q=
 -----END CERTIFICATE-----
 
-StartCom Certification Authority
-================================
------BEGIN CERTIFICATE-----
-MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN
-U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu
-ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0
-NjM2WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk
-LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg
-U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
-ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y
-o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/
-Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d
-eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt
-2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z
-6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ
-osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/
-untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc
-UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT
-37uMdBNSSwIDAQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9jZXJ0LnN0YXJ0
-Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0Y29tLm9yZy9zZnNj
-YS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFMBgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUH
-AgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRw
-Oi8vY2VydC5zdGFydGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYg
-U3RhcnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlhYmlsaXR5
-LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENl
-cnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL2NlcnQuc3Rh
-cnRjb20ub3JnL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilT
-dGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC
-AgEAFmyZ9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8jhvh
-3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUWFjgKXlf2Ysd6AgXm
-vB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJzewT4F+irsfMuXGRuczE6Eri8sxHk
-fY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3
-fsNrarnDy0RLrHiQi+fHLB5LEUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZ
-EoalHmdkrQYuL6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
-yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuCO3NJo2pXh5Tl
-1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6Vum0ABj6y6koQOdjQK/W/7HW/
-lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkyShNOsF/5oirpt9P/FlUQqmMGqz9IgcgA38coro
-g14=
------END CERTIFICATE-----
-
 Taiwan GRCA
 ===========
 -----BEGIN CERTIFICATE-----
@@ -852,38 +548,6 @@ CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy
 +fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS
 -----END CERTIFICATE-----
 
-Swisscom Root CA 1
-==================
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQG
-EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy
-dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4
-MTgyMjA2MjBaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln
-aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIIC
-IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9m2BtRsiM
-MW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdihFvkcxC7mlSpnzNApbjyF
-NDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAe
-AR81sH8A25Bvxn570e56eqeqDFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkC
-b6dJtDZd0KTeByy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn
-7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNFvJbN
-cA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo19AOeCMgkckkKmUp
-WyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5
-haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNY
-MUJDLXT5xp6mig/p/r+D5kNXJLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw
-HQYDVR0hBBYwFDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j
-BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzcK6FptWfUjNP9
-MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzfky9NfEBWMXrrpA9gzXrzvsMn
-jgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7IkVh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQ
-MbFamIp1TpBcahQq4FJHgmDmHtqBsfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4H
-VtA4oJVwIHaM190e3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtl
-vrsRls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ipmXeascCl
-OS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HHb6D0jqTsNFFbjCYDcKF3
-1QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksfrK/7DZBaZmBwXarNeNQk7shBoJMBkpxq
-nvy5JMWzFYJ+vq6VK+uxwNrjAWALXmmshFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCy
-x/yP2FS1k2Kdzs9Z+z0YzirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMW
-NY6E0F/6MBr1mmz0DlP5OlvRHA==
------END CERTIFICATE-----
-
 DigiCert Assured ID Root CA
 ===========================
 -----BEGIN CERTIFICATE-----
@@ -992,30 +656,6 @@ RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS
 fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
 -----END CERTIFICATE-----
 
-DST ACES CA X6
-==============
------BEGIN CERTIFICATE-----
-MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQG
-EwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QxETAPBgNVBAsTCERTVCBBQ0VT
-MRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0wMzExMjAyMTE5NThaFw0xNzExMjAyMTE5NTha
-MFsxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UE
-CxMIRFNUIEFDRVMxFzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzI
-DZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCa
-pCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow
-GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPy
-MjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1Ud
-EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rkc3Qu
-Y29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnRy
-dXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMtaW5kZXguaHRtbDAdBgNVHQ4EFgQU
-CXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZIhvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V2
-5FYrnJmQ6AgwbN99Pe7lv7UkQIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6t
-Fr8hlxCBPeP/h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq
-nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpRrscL9yuwNwXs
-vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3
-oKfN5XozNmr6mis=
------END CERTIFICATE-----
-
 SwissSign Gold CA - G2
 ======================
 -----BEGIN CERTIFICATE-----
@@ -1241,33 +881,6 @@ wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxD
 ydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
 -----END CERTIFICATE-----
 
-WellsSecure Public Root Certificate Authority
-=============================================
------BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoM
-F1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYw
-NAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcN
-MDcxMjEzMTcwNzU0WhcNMjIxMjE0MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dl
-bGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYD
-VQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+rWxxTkqxtnt3CxC5FlAM1
-iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjUDk/41itMpBb570OYj7OeUt9tkTmPOL13
-i0Nj67eT/DBMHAGTthP796EfvyXhdDcsHqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8
-bJVhHlfXBIEyg1J55oNjz7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiB
-K0HmOFafSZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/SlwxlAgMB
-AAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu
-cGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBQm
-lRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0jBIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGB
-i6SBiDCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRww
-GgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg
-Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEBALkVsUSRzCPI
-K0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd/ZDJPHV3V3p9+N701NX3leZ0
-bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pBA4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSlj
-qHyita04pO2t/caaH/+Xc/77szWnk4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+es
-E2fDbbFwRnzVlhE9iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJ
-tylv2G0xffX8oRAHh84vWdw+WNs=
------END CERTIFICATE-----
-
 COMODO ECC Certification Authority
 ==================================
 -----BEGIN CERTIFICATE-----
@@ -1285,51 +898,6 @@ FAkK+qDmfQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdvGDeA
 U/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY=
 -----END CERTIFICATE-----
 
-IGC/A
-=====
------BEGIN CERTIFICATE-----
-MIIEAjCCAuqgAwIBAgIFORFFEJQwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYTAkZSMQ8wDQYD
-VQQIEwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVE
-Q1NTSTEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZy
-MB4XDTAyMTIxMzE0MjkyM1oXDTIwMTAxNzE0MjkyMlowgYUxCzAJBgNVBAYTAkZSMQ8wDQYDVQQI
-EwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVEQ1NT
-STEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZyMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/R0GLFMzvABIaIs9z4iPf930Pfeo2aSVz2
-TqrMHLmh6yeJ8kbpO0px1R2OLc/mratjUMdUC24SyZA2xtgv2pGqaMVy/hcKshd+ebUyiHDKcMCW
-So7kVc0dJ5S/znIq7Fz5cyD+vfcuiWe4u0dzEvfRNWk68gq5rv9GQkaiv6GFGvm/5P9JhfejcIYy
-HF2fYPepraX/z9E0+X1bF8bc1g4oa8Ld8fUzaJ1O/Id8NhLWo4DoQw1VYZTqZDdH6nfK0LJYBcNd
-frGoRpAxVs5wKpayMLh35nnAvSk7/ZR3TL0gzUEl4C7HG7vupARB0l2tEmqKm0f7yd1GQOGdPDPQ
-tQIDAQABo3cwdTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBRjAVBgNVHSAEDjAMMAoGCCqB
-egF5AQEBMB0GA1UdDgQWBBSjBS8YYFDCiQrdKyFP/45OqDAxNjAfBgNVHSMEGDAWgBSjBS8YYFDC
-iQrdKyFP/45OqDAxNjANBgkqhkiG9w0BAQUFAAOCAQEABdwm2Pp3FURo/C9mOnTgXeQp/wYHE4RK
-q89toB9RlPhJy3Q2FLwV3duJL92PoF189RLrn544pEfMs5bZvpwlqwN+Mw+VgQ39FuCIvjfwbF3Q
-MZsyK10XZZOYYLxuj7GoPB7ZHPOpJkL5ZB3C55L29B5aqhlSXa/oovdgoPaN8In1buAKBQGVyYsg
-Crpa/JosPL3Dt8ldeCUFP1YUmwza+zpI/pdpXsoQhvdOlgQITeywvl3cO45Pwf2aNjSaTFR+FwNI
-lQgRHAdvhQh+XU3Endv7rs6y0bO4g2wdsrN58dhwmX7wEwLOXt1R0982gaEbeC9xs/FZTEYYKKuF
-0mBWWg==
------END CERTIFICATE-----
-
-Security Communication EV RootCA1
-=================================
------BEGIN CERTIFICATE-----
-MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
-U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMhU2VjdXJpdHkgQ29tbXVuaWNh
-dGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIzMloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UE
-BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNl
-Y3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSERMqm4miO
-/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gOzXppFodEtZDkBp2uoQSX
-WHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4z
-ZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDFMxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4
-bepJz11sS6/vmsJWXMY1VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK
-9U2vP9eCOKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
-SIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HWtWS3irO4G8za+6xm
-iEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZq51ihPZRwSzJIxXYKLerJRO1RuGG
-Av8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDbEJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnW
-mHyojf6GPgcWkuF75x3sM3Z+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEW
-T1MKZPlO9L9OVL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490
------END CERTIFICATE-----
-
 OISTE WISeKey Global Root GA CA
 ===============================
 -----BEGIN CERTIFICATE-----
@@ -1353,46 +921,6 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY
 okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0=
 -----END CERTIFICATE-----
 
-Microsec e-Szigno Root CA
-=========================
------BEGIN CERTIFICATE-----
-MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAwcjELMAkGA1UE
-BhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNyb3NlYyBMdGQuMRQwEgYDVQQL
-EwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0
-MDYxMjI4NDRaFw0xNzA0MDYxMjI4NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVz
-dDEWMBQGA1UEChMNTWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMT
-GU1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2uuO/TEdyB5s87lozWbxXG
-d36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/N
-oqdNAoI/gqyFxuEPkEeZlApxcpMqyabAvjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjc
-QR/Ji3HWVBTji1R4P770Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJ
-PqW+jqpx62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcBAQRb
-MFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3AwLQYIKwYBBQUHMAKG
-IWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAPBgNVHRMBAf8EBTADAQH/MIIBcwYD
-VR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIBAQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3
-LmUtc3ppZ25vLmh1L1NaU1ovMIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0A
-dAB2AOEAbgB5ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn
-AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABTAHoAbwBsAGcA
-4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABhACAAcwB6AGUAcgBpAG4AdAAg
-AGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABoAHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMA
-egBpAGcAbgBvAC4AaAB1AC8AUwBaAFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6
-Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NO
-PU1pY3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxPPU1pY3Jv
-c2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5h
-cnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuBEGluZm9AZS1zemlnbm8uaHWkdzB1MSMw
-IQYDVQQDDBpNaWNyb3NlYyBlLVN6aWduw7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhT
-WjEWMBQGA1UEChMNTWljcm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhV
-MIGsBgNVHSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJIVTER
-MA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDASBgNVBAsTC2UtU3pp
-Z25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBSb290IENBghEAzLjnv04pGv2i3Gal
-HCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMT
-nGZjWS7KXHAM/IO8VbH0jgdsZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FE
-aGAHQzAxQmHl7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a
-86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfRhUZLphK3dehK
-yVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/MPMMNz7UwiiAc7EBt51alhQB
-S6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICU=
------END CERTIFICATE-----
-
 Certigna
 ========
 -----BEGIN CERTIFICATE-----
@@ -1490,86 +1018,6 @@ sP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTEW9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmOD
 BCEIZ43ygknQW/2xzQ+DhNQ+IIX3Sj0rnP0qCglN6oH4EZw=
 -----END CERTIFICATE-----
 
-T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3
-=============================================================================================================================
------BEGIN CERTIFICATE-----
-MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRSMRgwFgYDVQQH
-DA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJpbGltc2VsIHZlIFRla25vbG9q
-aWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSwVEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ry
-b25payB2ZSBLcmlwdG9sb2ppIEFyYcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNV
-BAsMGkthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUg
-S8O2ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAeFw0wNzA4
-MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIxGDAWBgNVBAcMD0dlYnpl
-IC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmHF
-n3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBUQUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZl
-IEtyaXB0b2xvamkgQXJhxZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2Ft
-dSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7ZrIFNl
-cnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4hgb46ezzb8R1Sf1n68yJMlaCQvEhO
-Eav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1
-xnnRFDDtG1hba+818qEhTsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR
-6Oqeyjh1jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL
-hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQIDAQABo0IwQDAd
-BgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
-MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmPNOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4
-N5EY3ATIZJkrGG2AA1nJrvhY0D7twyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLT
-y9LQQfMmNkqblWwM7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYh
-LBOhgLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5noN+J1q2M
-dqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUsyZyQ2uypQjyttgI=
------END CERTIFICATE-----
-
-Buypass Class 2 CA 1
-====================
------BEGIN CERTIFICATE-----
-MIIDUzCCAjugAwIBAgIBATANBgkqhkiG9w0BAQUFADBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU
-QnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMiBDQSAxMB4XDTA2
-MTAxMzEwMjUwOVoXDTE2MTAxMzEwMjUwOVowSzELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBh
-c3MgQVMtOTgzMTYzMzI3MR0wGwYDVQQDDBRCdXlwYXNzIENsYXNzIDIgQ0EgMTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAIs8B0XY9t/mx8q6jUPFR42wWsE425KEHK8T1A9vNkYgxC7M
-cXA0ojTTNy7Y3Tp3L8DrKehc0rWpkTSHIln+zNvnma+WwajHQN2lFYxuyHyXA8vmIPLXl18xoS83
-0r7uvqmtqEyeIWZDO6i88wmjONVZJMHCR3axiFyCO7srpgTXjAePzdVBHfCuuCkslFJgNJQ72uA4
-0Z0zPhX0kzLFANq1KWYOOngPIVJfAuWSeyXTkh4vFZ2B5J2O6O+JzhRMVB0cgRJNcKi+EAUXfh/R
-uFdV7c27UsKwHnjCTTZoy1YmwVLBvXb3WNVyfh9EdrsAiR0WnVE1703CVu9r4Iw7DekCAwEAAaNC
-MEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUP42aWYv8e3uco684sDntkHGA1sgwDgYDVR0P
-AQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAVGn4TirnoB6NLJzKyQJHyIdFkhb5jatLPgcIV
-1Xp+DCmsNx4cfHZSldq1fyOhKXdlyTKdqC5Wq2B2zha0jX94wNWZUYN/Xtm+DKhQ7SLHrQVMdvvt
-7h5HZPb3J31cKA9FxVxiXqaakZG3Uxcu3K1gnZZkOb1naLKuBctN518fV4bVIJwo+28TOPX2EZL2
-fZleHwzoq0QkKXJAPTZSr4xYkHPB7GEseaHsh7U/2k3ZIQAw3pDaDtMaSKk+hQsUi4y8QZ5q9w5w
-wDX3OaJdZtB7WZ+oRxKaJyOkLY4ng5IgodcVf/EuGO70SH8vf/GhGLWhC5SgYiAynB321O+/TIho
------END CERTIFICATE-----
-
-EBG Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1
-==========================================================================
------BEGIN CERTIFICATE-----
-MIIF5zCCA8+gAwIBAgIITK9zQhyOdAIwDQYJKoZIhvcNAQEFBQAwgYAxODA2BgNVBAMML0VCRyBF
-bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMTcwNQYDVQQKDC5FQkcg
-QmlsacWfaW0gVGVrbm9sb2ppbGVyaSB2ZSBIaXptZXRsZXJpIEEuxZ4uMQswCQYDVQQGEwJUUjAe
-Fw0wNjA4MTcwMDIxMDlaFw0xNjA4MTQwMDMxMDlaMIGAMTgwNgYDVQQDDC9FQkcgRWxla3Ryb25p
-ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTE3MDUGA1UECgwuRUJHIEJpbGnFn2lt
-IFRla25vbG9qaWxlcmkgdmUgSGl6bWV0bGVyaSBBLsWeLjELMAkGA1UEBhMCVFIwggIiMA0GCSqG
-SIb3DQEBAQUAA4ICDwAwggIKAoICAQDuoIRh0DpqZhAy2DE4f6en5f2h4fuXd7hxlugTlkaDT7by
-X3JWbhNgpQGR4lvFzVcfd2NR/y8927k/qqk153nQ9dAktiHq6yOU/im/+4mRDGSaBUorzAzu8T2b
-gmmkTPiab+ci2hC6X5L8GCcKqKpE+i4stPtGmggDg3KriORqcsnlZR9uKg+ds+g75AxuetpX/dfr
-eYteIAbTdgtsApWjluTLdlHRKJ2hGvxEok3MenaoDT2/F08iiFD9rrbskFBKW5+VQarKD7JK/oCZ
-TqNGFav4c0JqwmZ2sQomFd2TkuzbqV9UIlKRcF0T6kjsbgNs2d1s/OsNA/+mgxKb8amTD8UmTDGy
-Y5lhcucqZJnSuOl14nypqZoaqsNW2xCaPINStnuWt6yHd6i58mcLlEOzrz5z+kI2sSXFCjEmN1Zn
-uqMLfdb3ic1nobc6HmZP9qBVFCVMLDMNpkGMvQQxahByCp0OLna9XvNRiYuoP1Vzv9s6xiQFlpJI
-qkuNKgPlV5EQ9GooFW5Hd4RcUXSfGenmHmMWOeMRFeNYGkS9y8RsZteEBt8w9DeiQyJ50hBs37vm
-ExH8nYQKE3vwO9D8owrXieqWfo1IhR5kX9tUoqzVegJ5a9KK8GfaZXINFHDk6Y54jzJ0fFfy1tb0
-Nokb+Clsi7n2l9GkLqq+CxnCRelwXQIDAJ3Zo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
-/wQEAwIBBjAdBgNVHQ4EFgQU587GT/wWZ5b6SqMHwQSny2re2kcwHwYDVR0jBBgwFoAU587GT/wW
-Z5b6SqMHwQSny2re2kcwDQYJKoZIhvcNAQEFBQADggIBAJuYml2+8ygjdsZs93/mQJ7ANtyVDR2t
-FcU22NU57/IeIl6zgrRdu0waypIN30ckHrMk2pGI6YNw3ZPX6bqz3xZaPt7gyPvT/Wwp+BVGoGgm
-zJNSroIBk5DKd8pNSe/iWtkqvTDOTLKBtjDOWU/aWR1qeqRFsIImgYZ29fUQALjuswnoT4cCB64k
-XPBfrAowzIpAoHMEwfuJJPaaHFy3PApnNgUIMbOv2AFoKuB4j3TeuFGkjGwgPaL7s9QJ/XvCgKqT
-bCmYIai7FvOpEl90tYeY8pUm3zTvilORiF0alKM/fCL414i6poyWqD1SNGKfAB5UVUJnxk1Gj7sU
-RT0KlhaOEKGXmdXTMIXM3rRyt7yKPBgpaP3ccQfuJDlq+u2lrDgv+R4QDgZxGhBM/nV+/x5XOULK
-1+EVoVZVWRvRo68R2E7DpSvvkL/A7IITW43WciyTTo9qKd+FPNMN4KIYEsxVL0e3p5sC/kH2iExt
-2qkBR4NkJ2IQgtYSe14DHzSpyZH+r11thie3I6p1GMog57AP14kOpmciY/SDQSsGS7tY1dHXt7kQ
-Y9iJSrSq3RZj9W6+YKH47ejWkE8axsWgKdOnIaj1Wjz3x0miIZpKlVIglnKaZsv30oZDfCK+lvm9
-AahH3eU7QPl1K5srRmSGjR70j/sHd9DqSaIcjVIUpgqT
------END CERTIFICATE-----
-
 certSIGN ROOT CA
 ================
 -----BEGIN CERTIFICATE-----
@@ -1590,49 +1038,6 @@ vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz
 TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD
 -----END CERTIFICATE-----
 
-CNNIC ROOT
-==========
------BEGIN CERTIFICATE-----
-MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJDTjEOMAwGA1UE
-ChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2MDcwOTE0WhcNMjcwNDE2MDcw
-OTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1Qw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzD
-o+/hn7E7SIX1mlwhIhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tiz
-VHa6dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZOV/kbZKKT
-VrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrCGHn2emU1z5DrvTOTn1Or
-czvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gNv7Sg2Ca+I19zN38m5pIEo3/PIKe38zrK
-y5nLAgMBAAGjczBxMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscC
-wQ7vptU7ETAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991S
-lgrHAsEO76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnKOOK5
-Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvHugDnuL8BV8F3RTIM
-O/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7HgviyJA/qIYM/PmLXoXLT1tLYhFHxUV8
-BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fLbuXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2
-G8kS1sHNzYDzAgE8yGnLRUhj2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5m
-mxE=
------END CERTIFICATE-----
-
-ApplicationCA - Japanese Government
-===================================
------BEGIN CERTIFICATE-----
-MIIDoDCCAoigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEcMBoGA1UEChMT
-SmFwYW5lc2UgR292ZXJubWVudDEWMBQGA1UECxMNQXBwbGljYXRpb25DQTAeFw0wNzEyMTIxNTAw
-MDBaFw0xNzEyMTIxNTAwMDBaMEMxCzAJBgNVBAYTAkpQMRwwGgYDVQQKExNKYXBhbmVzZSBHb3Zl
-cm5tZW50MRYwFAYDVQQLEw1BcHBsaWNhdGlvbkNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAp23gdE6Hj6UG3mii24aZS2QNcfAKBZuOquHMLtJqO8F6tJdhjYq+xpqcBrSGUeQ3DnR4
-fl+Kf5Sk10cI/VBaVuRorChzoHvpfxiSQE8tnfWuREhzNgaeZCw7NCPbXCbkcXmP1G55IrmTwcrN
-wVbtiGrXoDkhBFcsovW8R0FPXjQilbUfKW1eSvNNcr5BViCH/OlQR9cwFO5cjFW6WY2H/CPek9AE
-jP3vbb3QesmlOmpyM8ZKDQUXKi17safY1vC+9D/qDihtQWEjdnjDuGWk81quzMKq2edY3rZ+nYVu
-nyoKb58DKTCXKB28t89UKU5RMfkntigm/qJj5kEW8DOYRwIDAQABo4GeMIGbMB0GA1UdDgQWBBRU
-WssmP3HMlEYNllPqa0jQk/5CdTAOBgNVHQ8BAf8EBAMCAQYwWQYDVR0RBFIwUKROMEwxCzAJBgNV
-BAYTAkpQMRgwFgYDVQQKDA/ml6XmnKzlm73mlL/lupwxIzAhBgNVBAsMGuOCouODl+ODquOCseOD
-vOOCt+ODp+ODs0NBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADlqRHZ3ODrs
-o2dGD/mLBqj7apAxzn7s2tGJfHrrLgy9mTLnsCTWw//1sogJhyzjVOGjprIIC8CFqMjSnHH2HZ9g
-/DgzE+Ge3Atf2hZQKXsvcJEPmbo0NI2VdMV+eKlmXb3KIXdCEKxmJj3ekav9FfBv7WxfEPjzFvYD
-io+nEhEMy/0/ecGc/WLuo89UDNErXxc+4z6/wCs+CZv+iKZ+tJIX/COUgb1up8WMwusRRdv4QcmW
-dupwX3kSa+SjB1oF7ydJzyGfikwJcGapJsErEU4z0g781mzSDjJkaP+tBXhfAx2o45CsJOAPQKdL
-rosot4LKGAfmt1t06SAZf7IbiVQ=
------END CERTIFICATE-----
-
 GeoTrust Primary Certification Authority - G3
 =============================================
 -----BEGIN CERTIFICATE-----
@@ -1764,7 +1169,7 @@ AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA==
 -----END CERTIFICATE-----
 
 NetLock Arany (Class Gold) Főtanúsítvány
-============================================
+========================================
 -----BEGIN CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G
 A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610
@@ -1819,34 +1224,6 @@ IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm
 66+KAQ==
 -----END CERTIFICATE-----
 
-Juur-SK
-=======
------BEGIN CERTIFICATE-----
-MIIE5jCCA86gAwIBAgIEO45L/DANBgkqhkiG9w0BAQUFADBdMRgwFgYJKoZIhvcNAQkBFglwa2lA
-c2suZWUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKExlBUyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMRAw
-DgYDVQQDEwdKdXVyLVNLMB4XDTAxMDgzMDE0MjMwMVoXDTE2MDgyNjE0MjMwMVowXTEYMBYGCSqG
-SIb3DQEJARYJcGtpQHNrLmVlMQswCQYDVQQGEwJFRTEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVy
-aW1pc2tlc2t1czEQMA4GA1UEAxMHSnV1ci1TSzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAIFxNj4zB9bjMI0TfncyRsvPGbJgMUaXhvSYRqTCZUXP00B841oiqBB4M8yIsdOBSvZiF3tf
-TQou0M+LI+5PAk676w7KvRhj6IAcjeEcjT3g/1tf6mTll+g/mX8MCgkzABpTpyHhOEvWgxutr2TC
-+Rx6jGZITWYfGAriPrsfB2WThbkasLnE+w0R9vXW+RvHLCu3GFH+4Hv2qEivbDtPL+/40UceJlfw
-UR0zlv/vWT3aTdEVNMfqPxZIe5EcgEMPPbgFPtGzlc3Yyg/CQ2fbt5PgIoIuvvVoKIO5wTtpeyDa
-Tpxt4brNj3pssAki14sL2xzVWiZbDcDq5WDQn/413z8CAwEAAaOCAawwggGoMA8GA1UdEwEB/wQF
-MAMBAf8wggEWBgNVHSAEggENMIIBCTCCAQUGCisGAQQBzh8BAQEwgfYwgdAGCCsGAQUFBwICMIHD
-HoHAAFMAZQBlACAAcwBlAHIAdABpAGYAaQBrAGEAYQB0ACAAbwBuACAAdgDkAGwAagBhAHMAdABh
-AHQAdQBkACAAQQBTAC0AaQBzACAAUwBlAHIAdABpAGYAaQB0AHMAZQBlAHIAaQBtAGkAcwBrAGUA
-cwBrAHUAcwAgAGEAbABhAG0ALQBTAEsAIABzAGUAcgB0AGkAZgBpAGsAYQBhAHQAaQBkAGUAIABr
-AGkAbgBuAGkAdABhAG0AaQBzAGUAawBzMCEGCCsGAQUFBwIBFhVodHRwOi8vd3d3LnNrLmVlL2Nw
-cy8wKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3d3dy5zay5lZS9qdXVyL2NybC8wHQYDVR0OBBYE
-FASqekej5ImvGs8KQKcYP2/v6X2+MB8GA1UdIwQYMBaAFASqekej5ImvGs8KQKcYP2/v6X2+MA4G
-A1UdDwEB/wQEAwIB5jANBgkqhkiG9w0BAQUFAAOCAQEAe8EYlFOiCfP+JmeaUOTDBS8rNXiRTHyo
-ERF5TElZrMj3hWVcRrs7EKACr81Ptcw2Kuxd/u+gkcm2k298gFTsxwhwDY77guwqYHhpNjbRxZyL
-abVAyJRld/JXIWY7zoVAtjNjGr95HvxcHdMdkxuLDF2FvZkwMhgJkVLpfKG6/2SSmuz+Ne6ML678
-IIbsSt4beDI3poHSna9aEhbKmVv8b20OxaAehsmR0FyYgl9jDIpaq9iVpszLita/ZEuOyoqysOkh
-Mp6qqIWYNIE5ITuoOlIyPfZrN4YGWhWY3PARZv40ILcD9EEQfTmEeZZyY7aWAuVrua0ZTbvGRNs2
-yyqcjg==
------END CERTIFICATE-----
-
 Hongkong Post Root CA 1
 =======================
 -----BEGIN CERTIFICATE-----
@@ -1888,37 +1265,6 @@ y8hSyn+B/tlr0/cR7SXf+Of5pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061
 lgeLKBObjBmNQSdJQO7e5iNEOdyhIta6A/I=
 -----END CERTIFICATE-----
 
-ACEDICOM Root
-=============
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UEAwwNQUNFRElD
-T00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMB4XDTA4
-MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEWMBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoG
-A1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEF
-AAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHk
-WLn709gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuD
-YAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYew
-MYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSfHY9g5QYb
-m8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbk
-HQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTT
-xKJxqvQUfecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf2
-3EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq9
-2Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWug/Fq
-TYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz
-4SsrSbbXc6GqlPUB53NlTKxQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU
-9QHnc2VMrFAwRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv
-bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWImfQwng4/F9tqg
-aHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3gvoFNTPhNahXwOf9jU8/kzJP
-eGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKeI6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1Pwk
-zQSulgUV1qzOMPPKC8W64iLgpq0i5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1
-ThCojz2GuHURwCRiipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oI
-KiMnMCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZo5NjEFIq
-nxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6zqylfDJKZ0DcMDQj3dcE
-I2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacNGHk0vFQYXlPKNFHtRQrmjseCNj6nOGOp
-MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o
-tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA==
------END CERTIFICATE-----
-
 Microsec e-Szigno Root CA 2009
 ==============================
 -----BEGIN CERTIFICATE-----
@@ -2279,72 +1625,6 @@ Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI
 03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw=
 -----END CERTIFICATE-----
 
-Certinomis - Autorité Racine
-=============================
------BEGIN CERTIFICATE-----
-MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK
-Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg
-LSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkG
-A1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYw
-JAYDVQQDDB1DZXJ0aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQAD
-ggIPADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jYF1AMnmHa
-wE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N8y4oH3DfVS9O7cdxbwly
-Lu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWerP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw
-2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92N
-jMD2AR5vpTESOH2VwnHu7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9q
-c1pkIuVC28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6lSTC
-lrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1Enn1So2+WLhl+HPNb
-xxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB0iSVL1N6aaLwD4ZFjliCK0wi1F6g
-530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql095gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna
-4NH4+ej9Uji29YnfAgMBAAGjWzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
-A1UdDgQWBBQNjLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ
-KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9sov3/4gbIOZ/x
-WqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZMOH8oMDX/nyNTt7buFHAAQCva
-R6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40
-nJ+U8/aGH88bc62UeYdocMMzpXDn2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1B
-CxMjidPJC+iKunqjo3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjv
-JL1vnxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG5ERQL1TE
-qkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWqpdEdnV1j6CTmNhTih60b
-WfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZbdsLLO7XSAPCjDuGtbkD326C00EauFddE
-wk01+dIL8hf2rGbVJLJP0RyZwG71fet0BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/
-vgt2Fl43N+bYdJeimUV5
------END CERTIFICATE-----
-
-Root CA Generalitat Valenciana
-==============================
------BEGIN CERTIFICATE-----
-MIIGizCCBXOgAwIBAgIEO0XlaDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJFUzEfMB0GA1UE
-ChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290
-IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwHhcNMDEwNzA2MTYyMjQ3WhcNMjEwNzAxMTUyMjQ3
-WjBoMQswCQYDVQQGEwJFUzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UE
-CxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKqtXETcvIorKA3Qdyu0togu8M1JAJke+WmmmO3I2
-F0zo37i7L3bhQEZ0ZQKQUgi0/6iMweDHiVYQOTPvaLRfX9ptI6GJXiKjSgbwJ/BXufjpTjJ3Cj9B
-ZPPrZe52/lSqfR0grvPXdMIKX/UIKFIIzFVd0g/bmoGlu6GzwZTNVOAydTGRGmKy3nXiz0+J2ZGQ
-D0EbtFpKd71ng+CT516nDOeB0/RSrFOyA8dEJvt55cs0YFAQexvba9dHq198aMpunUEDEO5rmXte
-JajCq+TA81yc477OMUxkHl6AovWDfgzWyoxVjr7gvkkHD6MkQXpYHYTqWBLI4bft75PelAgxAgMB
-AAGjggM7MIIDNzAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnBraS5n
-dmEuZXMwEgYDVR0TAQH/BAgwBgEB/wIBAjCCAjQGA1UdIASCAiswggInMIICIwYKKwYBBAG/VQIB
-ADCCAhMwggHoBggrBgEFBQcCAjCCAdoeggHWAEEAdQB0AG8AcgBpAGQAYQBkACAAZABlACAAQwBl
-AHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAFIAYQDtAHoAIABkAGUAIABsAGEAIABHAGUAbgBlAHIA
-YQBsAGkAdABhAHQAIABWAGEAbABlAG4AYwBpAGEAbgBhAC4ADQAKAEwAYQAgAEQAZQBjAGwAYQBy
-AGEAYwBpAPMAbgAgAGQAZQAgAFAAcgDhAGMAdABpAGMAYQBzACAAZABlACAAQwBlAHIAdABpAGYA
-aQBjAGEAYwBpAPMAbgAgAHEAdQBlACAAcgBpAGcAZQAgAGUAbAAgAGYAdQBuAGMAaQBvAG4AYQBt
-AGkAZQBuAHQAbwAgAGQAZQAgAGwAYQAgAHAAcgBlAHMAZQBuAHQAZQAgAEEAdQB0AG8AcgBpAGQA
-YQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAHMAZQAgAGUAbgBjAHUAZQBu
-AHQAcgBhACAAZQBuACAAbABhACAAZABpAHIAZQBjAGMAaQDzAG4AIAB3AGUAYgAgAGgAdAB0AHAA
-OgAvAC8AdwB3AHcALgBwAGsAaQAuAGcAdgBhAC4AZQBzAC8AYwBwAHMwJQYIKwYBBQUHAgEWGWh0
-dHA6Ly93d3cucGtpLmd2YS5lcy9jcHMwHQYDVR0OBBYEFHs100DSHHgZZu90ECjcPk+yeAT8MIGV
-BgNVHSMEgY0wgYqAFHs100DSHHgZZu90ECjcPk+yeAT8oWykajBoMQswCQYDVQQGEwJFUzEfMB0G
-A1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScwJQYDVQQDEx5S
-b290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmGCBDtF5WgwDQYJKoZIhvcNAQEFBQADggEBACRh
-TvW1yEICKrNcda3FbcrnlD+laJWIwVTAEGmiEi8YPyVQqHxK6sYJ2fR1xkDar1CdPaUWu20xxsdz
-Ckj+IHLtb8zog2EWRpABlUt9jppSCS/2bxzkoXHPjCpaF3ODR00PNvsETUlR4hTJZGH71BTg9J63
-NI8KJr2XXPR5OkowGcytT6CYirQxlyric21+eLj4iIlPsSKRZEv1UN4D2+XFducTZnV+ZfsBn5OH
-iJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmCIoaZM3Fa6hlXPZHNqcCjbgcTpsnt
-+GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMM=
------END CERTIFICATE-----
-
 TWCA Root Certification Authority
 =================================
 -----BEGIN CERTIFICATE-----
@@ -2493,75 +1773,6 @@ l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl
 iB6XzCGcKQENZetX2fNXlrtIzYE=
 -----END CERTIFICATE-----
 
-StartCom Certification Authority
-================================
------BEGIN CERTIFICATE-----
-MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN
-U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu
-ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0
-NjM3WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk
-LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg
-U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
-ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y
-o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/
-Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d
-eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt
-2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z
-6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ
-osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/
-untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc
-UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT
-37uMdBNSSwIDAQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
-VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFulF2mHMMo0aEPQ
-Qa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCCATgwLgYIKwYBBQUHAgEWImh0
-dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu
-c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENv
-bW1lcmNpYWwgKFN0YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0
-aGUgc2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0aWZpY2F0
-aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t
-L3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBG
-cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5
-fPGFf59Jb2vKXfuM/gTFwWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWm
-N3PH/UvSTa0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst0OcN
-Org+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNcpRJvkrKTlMeIFw6T
-tn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKlCcWw0bdT82AUuoVpaiF8H3VhFyAX
-e2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVFP0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA
-2MFrLH9ZXF2RsXAiV+uKa0hK1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBs
-HvUwyKMQ5bLmKhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE
-JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ8dCAWZvLMdib
-D4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnmfyWl8kgAwKQB2j8=
------END CERTIFICATE-----
-
-StartCom Certification Authority G2
-===================================
------BEGIN CERTIFICATE-----
-MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN
-U3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
-RzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UE
-ChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
-dHkgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8O
-o1XJJZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsDvfOpL9HG
-4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnooD/Uefyf3lLE3PbfHkffi
-Aez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/Q0kGi4xDuFby2X8hQxfqp0iVAXV16iul
-Q5XqFYSdCI0mblWbq9zSOdIxHWDirMxWRST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbs
-O+wmETRIjfaAKxojAuuKHDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8H
-vKTlXcxNnw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM0D4L
-nMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/iUUjXuG+v+E5+M5iS
-FGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9Ha90OrInwMEePnWjFqmveiJdnxMa
-z6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHgTuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJ
-KoZIhvcNAQELBQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K
-2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfXUfEpY9Z1zRbk
-J4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl6/2o1PXWT6RbdejF0mCy2wl+
-JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG
-/+gyRr61M3Z3qAFdlsHB1b6uJcDJHgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTc
-nIhT76IxW1hPkWLIwpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/Xld
-blhYXzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5lIxKVCCIc
-l85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoohdVddLHRDiBYmxOlsGOm
-7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulrso8uBtjRkcfGEvRM/TAXw8HaOFvjqerm
-obp573PYtlNXLfbQ4ddI
------END CERTIFICATE-----
-
 Buypass Class 2 Root CA
 =======================
 -----BEGIN CERTIFICATE-----
@@ -2668,31 +1879,6 @@ uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU
 dcGWxZ0=
 -----END CERTIFICATE-----
 
-TURKTRUST Certificate Services Provider Root 2007
-=================================================
------BEGIN CERTIFICATE-----
-MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOcUktUUlVTVCBF
-bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP
-MA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg
-QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4X
-DTA3MTIyNTE4MzcxOVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxl
-a3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMCVFIxDzAN
-BgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp
-bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4gKGMpIEFyYWzEsWsgMjAwNzCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9N
-YvDdE3ePYakqtdTyuTFYKTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQv
-KUmi8wUG+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveGHtya
-KhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6PIzdezKKqdfcYbwnT
-rqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M733WB2+Y8a+xwXrXgTW4qhe04MsC
-AwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHkYb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAP
-BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/s
-Px+EnWVUXKgWAkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I
-aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5mxRZNTZPz/OO
-Xl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsaXRik7r4EW5nVcV9VZWRi1aKb
-BFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZqxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAK
-poRq0Tl9
------END CERTIFICATE-----
-
 D-TRUST Root Class 3 CA 2 2009
 ==============================
 -----BEGIN CERTIFICATE-----
@@ -2742,171 +1928,6 @@ NCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqXKVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVv
 w9y4AyHqnxbxLFS1
 -----END CERTIFICATE-----
 
-PSCProcert
-==========
------BEGIN CERTIFICATE-----
-MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1dG9yaWRhZCBk
-ZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9sYW5vMQswCQYDVQQGEwJWRTEQ
-MA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlzdHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lz
-dGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBl
-cmludGVuZGVuY2lhIGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUw
-IwYJKoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEwMFoXDTIw
-MTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHByb2NlcnQubmV0LnZlMQ8w
-DQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGExKjAoBgNVBAsTIVByb3ZlZWRvciBkZSBD
-ZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZp
-Y2FjaW9uIEVsZWN0cm9uaWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIw
-DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo97BVC
-wfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74BCXfgI8Qhd19L3uA
-3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38GieU89RLAu9MLmV+QfI4tL3czkkoh
-RqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmO
-EO8GqQKJ/+MMbpfg353bIdD0PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG2
-0qCZyFSTXai20b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH
-0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/6mnbVSKVUyqU
-td+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1mv6JpIzi4mWCZDlZTOpx+FIyw
-Bm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvp
-r2uKGcfLFFb14dq12fy/czja+eevbqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/
-AgEBMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAz
-Ni0wMB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFDgBStuyId
-xuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRp
-ZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQH
-EwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5h
-Y2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5k
-ZW5jaWEgZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG
-9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQDAgEGME0GA1UdEQRG
-MESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0wMDAwMDKgGwYFYIZeAgKgEgwQUklG
-LUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEagRKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52
-ZS9sY3IvQ0VSVElGSUNBRE8tUkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNy
-YWl6LnN1c2NlcnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v
-Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsGAQUFBwIBFh5o
-dHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcNAQELBQADggIBACtZ6yKZu4Sq
-T96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmN
-g7+mvTV+LFwxNG9s2/NkAZiqlCxB3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4q
-uxtxj7mkoP3YldmvWb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1
-n8GhHVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHmpHmJWhSn
-FFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXzsOfIt+FTvZLm8wyWuevo
-5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bEqCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq
-3TNWOByyrYDT13K9mmyZY+gAu0F2BbdbmRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5
-poLWccret9W6aAjtmcz9opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3Y
-eMLEYC/HYvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km
------END CERTIFICATE-----
-
-China Internet Network Information Center EV Certificates Root
-==============================================================
------BEGIN CERTIFICATE-----
-MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ04xMjAwBgNV
-BAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyMUcwRQYDVQQDDD5D
-aGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMg
-Um9vdDAeFw0xMDA4MzEwNzExMjVaFw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAG
-A1UECgwpQ2hpbmEgSW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMM
-PkNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRpZmljYXRl
-cyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U8i6y
-jUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV
-98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2H
-klY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23
-KzhmBsUs4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC
-7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oYNJKiyoOCWTAPBgNV
-HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfHJLOcfA22KlT5uqGDSSosqD
-glkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd5
-0XPFtQO3WKwMVC/GVhMPMdoG52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM
-7+czV0I664zBechNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws
-ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrIzo9uoV1/A3U0
-5K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATywy39FCqQmbkHzJ8=
------END CERTIFICATE-----
-
-Swisscom Root CA 2
-==================
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQG
-EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy
-dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2
-MjUwNzM4MTRaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln
-aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIIC
-IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvErjw0DzpPM
-LgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r0rk0X2s682Q2zsKwzxNo
-ysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJ
-wDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVPACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpH
-Wrumnf2U5NGKpV+GY3aFy6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1a
-SgJA/MTAtukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL6yxS
-NLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0uPoTXGiTOmekl9Ab
-mbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrALacywlKinh/LTSlDcX3KwFnUey7QY
-Ypqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velhk6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3
-qPyZ7iVNTA6z00yPhOgpD/0QVAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw
-HQYDVR0hBBYwFDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O
-BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqhb97iEoHF8Twu
-MA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4RfbgZPnm3qKhyN2abGu2sEzsO
-v2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ
-82YqZh6NM4OKb3xuqFp1mrjX2lhIREeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLz
-o9v/tdhZsnPdTSpxsrpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcs
-a0vvaGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciATwoCqISxx
-OQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99nBjx8Oto0QuFmtEYE3saW
-mA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5Wt6NlUe07qxS/TFED6F+KBZvuim6c779o
-+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TC
-rvJcwhbtkj6EPnNgiLx29CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX
-5OfNeOI5wSsSnqaeG8XmDtkx2Q==
------END CERTIFICATE-----
-
-Swisscom Root EV CA 2
-=====================
------BEGIN CERTIFICATE-----
-MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UE
-BhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdpdGFsIENlcnRpZmljYXRlIFNl
-cnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcN
-MzEwNjI1MDg0NTA4WjBnMQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsT
-HERpZ2l0YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYg
-Q0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7BxUglgRCgz
-o3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD1ycfMQ4jFrclyxy0uYAy
-Xhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPHoCE2G3pXKSinLr9xJZDzRINpUKTk4Rti
-GZQJo/PDvO/0vezbE53PnUgJUmfANykRHvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8Li
-qG12W0OfvrSdsyaGOx9/5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaH
-Za0zKcQvidm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHLOdAG
-alNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaCNYGu+HuB5ur+rPQa
-m3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f46Fq9mDU5zXNysRojddxyNMkM3Ox
-bPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCBUWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDi
-xzgHcgplwLa7JSnaFp6LNYth7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/
-BAQDAgGGMB0GA1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED
-MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWBbj2ITY1x0kbB
-bkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6xXCX5145v9Ydkn+0UjrgEjihL
-j6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98TPLr+flaYC/NUn81ETm484T4VvwYmneTwkLbU
-wp4wLh/vx3rEUMfqe9pQy3omywC0Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7
-XwgiG/W9mR4U9s70WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH
-59yLGn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm7JFe3VE/
-23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4Snr8PyQUQ3nqjsTzyP6Wq
-J3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VNvBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyA
-HmBR3NdUIR7KYndP+tiPsys6DXhyyWhBWkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/gi
-uMod89a2GQ+fYWVq6nTIfI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuW
-l8PVP3wbI+2ksx0WckNLIOFZfsLorSa/ovc=
------END CERTIFICATE-----
-
-CA Disig Root R1
-================
------BEGIN CERTIFICATE-----
-MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNVBAYTAlNLMRMw
-EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp
-ZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQyMDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sx
-EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp
-c2lnIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy
-3QRkD2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/oOI7bm+V8
-u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3AfQ+lekLZWnDZv6fXARz2
-m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJeIgpFy4QxTaz+29FHuvlglzmxZcfe+5nk
-CiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8noc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTa
-YVKvJrT1cU/J19IG32PK/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6
-vpmumwKjrckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD3AjL
-LhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE7cderVC6xkGbrPAX
-ZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkCyC2fg69naQanMVXVz0tv/wQFx1is
-XxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLdqvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNV
-HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ
-04IwDQYJKoZIhvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR
-xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaASfX8MPWbTx9B
-LxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXoHqJPYNcHKfyyo6SdbhWSVhlM
-CrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpBemOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5Gfb
-VSUZP/3oNn6z4eGBrxEWi1CXYBmCAMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85
-YmLLW1AL14FABZyb7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKS
-ds+xDzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvkF7mGnjix
-lAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqFa3qdnom2piiZk4hA9z7N
-UaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsTQ6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJ
-a7+h89n07eLw4+1knj0vllJPgFOL
------END CERTIFICATE-----
-
 CA Disig Root R2
 ================
 -----BEGIN CERTIFICATE-----
@@ -3310,66 +2331,6 @@ G48BtieVU+i2iW1bvGjUI+iLUaJW+fCmgKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP
 82Z+
 -----END CERTIFICATE-----
 
-WoSign
-======
------BEGIN CERTIFICATE-----
-MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQG
-EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNVBAMTIUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJ
-BgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNh
-dGlvbiBBdXRob3JpdHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
-vcqNrLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1UfcIiePyO
-CbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcSccf+Hb0v1naMQFXQoOXXDX
-2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2ZjC1vt7tj/id07sBMOby8w7gLJKA84X5
-KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4Mx1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR
-+ScPewavVIMYe+HdVHpRaG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ez
-EC8wQjchzDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDaruHqk
-lWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221KmYo0SLwX3OSACCK2
-8jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvASh0JWzko/amrzgD5LkhLJuYwTKVY
-yrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWvHYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0C
-AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R
-8bNLtwYgFP6HEtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1
-LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJMuYhOZO9sxXq
-T2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2eJXLOC62qx1ViC777Y7NhRCOj
-y+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VNg64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC
-2nz4SNAzqfkHx5Xh9T71XXG68pWpdIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes
-5cVAWubXbHssw1abR80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/
-EaEQPkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGcexGATVdVh
-mVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+J7x6v+Db9NpSvd4MVHAx
-kUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMlOtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGi
-kpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWTee5Ehr7XHuQe+w==
------END CERTIFICATE-----
-
-WoSign China
-============
------BEGIN CERTIFICATE-----
-MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQG
-EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMMEkNBIOayg+mAmuagueiv
-geS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYD
-VQQKExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjAN
-BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k
-8H/rD195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld19AXbbQs5
-uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExfv5RxadmWPgxDT74wwJ85
-dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnkUkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5
-Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+LNVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFy
-b7Ao65vh4YOhn0pdr8yb+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc
-76DbT52VqyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6KyX2m
-+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0GAbQOXDBGVWCvOGU6
-yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaKJ/kR8slC/k7e3x9cxKSGhxYzoacX
-GKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
-EwEB/wQFMAMBAf8wHQYDVR0OBBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUA
-A4ICAQBqinA4WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6
-yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj/feTZU7n85iY
-r83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6jBAyvd0zaziGfjk9DgNyp115
-j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0A
-kLppRQjbbpCBhqcqBT/mhDn4t/lXX0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97
-qA4bLJyuQHCH2u2nFoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Y
-jj4Du9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10lO1Hm13ZB
-ONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Leie2uPAmvylezkolwQOQv
-T8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR12KvxAmLBsX5VYc8T1yaw15zLKYs4SgsO
-kI26oQ==
------END CERTIFICATE-----
-
 COMODO RSA Certification Authority
 ==================================
 -----BEGIN CERTIFICATE-----
@@ -3675,7 +2636,7 @@ ekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su
 -----END CERTIFICATE-----
 
 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5
-=========================================================
+====================================================
 -----BEGIN CERTIFICATE-----
 MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN
 BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp
@@ -3698,30 +2659,6 @@ lpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CFYv4HAqGEVka+lgqaE9chTLd8
 B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW+qtB4Uu2NQvAmxU=
 -----END CERTIFICATE-----
 
-TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6
-=========================================================
------BEGIN CERTIFICATE-----
-MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQGEwJUUjEPMA0G
-A1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls
-acWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF
-bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg2MB4XDTEzMTIxODA5
-MDQxMFoXDTIzMTIxNjA5MDQxMFowgbExCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExTTBL
-BgNVBAoMRFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2ZW5sacSf
-aSBIaXptZXRsZXJpIEEuxZ4uMUIwQAYDVQQDDDlUw5xSS1RSVVNUIEVsZWt0cm9uaWsgU2VydGlm
-aWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLEgSDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQCdsGjW6L0UlqMACprx9MfMkU1xeHe59yEmFXNRFpQJRwXiM/VomjX/3EsvMsew7eKC5W/a
-2uqsxgbPJQ1BgfbBOCK9+bGlprMBvD9QFyv26WZV1DOzXPhDIHiTVRZwGTLmiddk671IUP320EED
-wnS3/faAz1vFq6TWlRKb55cTMgPp1KtDWxbtMyJkKbbSk60vbNg9tvYdDjTu0n2pVQ8g9P0pu5Fb
-HH3GQjhtQiht1AH7zYiXSX6484P4tZgvsycLSF5W506jM7NE1qXyGJTtHB6plVxiSvgNZ1GpryHV
-+DKdeboaX+UEVU0TRv/yz3THGmNtwx8XEsMeED5gCLMxAgMBAAGjQjBAMB0GA1UdDgQWBBTdVRcT
-9qzoSCHK77Wv0QAy7Z6MtTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
-9w0BAQsFAAOCAQEAb1gNl0OqFlQ+v6nfkkU/hQu7VtMMUszIv3ZnXuaqs6fvuay0EBQNdH49ba3R
-fdCaqaXKGDsCQC4qnFAUi/5XfldcEQlLNkVS9z2sFP1E34uXI9TDwe7UU5X+LEr+DXCqu4svLcsy
-o4LyVN/Y8t3XSHLuSqMplsNEzm61kod2pLv0kmzOLBQJZo6NrRa1xxsJYTvjIKIDgI6tflEATseW
-hvtDmHd9KMeP2Cpu54Rvl0EpABZeTeIT6lnAY2c6RPuY/ATTMHKm9ocJV612ph1jmv3XZch4gyt1
-O6VbuA1df74jrlZVlFjvH4GMKrLN5ptjnhi85WsGtAuYSyher4hYyw==
------END CERTIFICATE-----
-
 Certinomis - Root CA
 ====================
 -----BEGIN CERTIFICATE-----
@@ -3775,42 +2712,6 @@ HZeeevJuQHHfaPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
 Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
 -----END CERTIFICATE-----
 
-Certification Authority of WoSign G2
-====================================
------BEGIN CERTIFICATE-----
-MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQG
-EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNVBAMTJENlcnRpZmljYXRpb24g
-QXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgx
-CzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPXJYY1kBai
-XW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgOgHzKtB0TiGsOqCR3A9Du
-W/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg9
-5k4ot+vElbGs/V6r+kHLXZ1L3PR8du9nfwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BK
-v0mUYQs4kI9dJGwlezt52eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC
-AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJKoZI
-hvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8fHulwqZm46qwtyeY
-P0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G3CE4Q3RM+zD4F3LBMvzIkRfEzFg3
-TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yySrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu
-+sif/a+RZQp4OBXllxcU3fngLDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+
-7Q9LGOHSJDy7XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg=
------END CERTIFICATE-----
-
-CA WoSign ECC Root
-==================
------BEGIN CERTIFICATE-----
-MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQswCQYDVQQGEwJD
-TjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMTEkNBIFdvU2lnbiBFQ0MgUm9v
-dDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQK
-ExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZI
-zj0CAQYFK4EEACIDYgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiU
-t5v8KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES1ns2o0Iw
-QDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqv3VWqP2h4syhf3R
-MluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0
-Daupn75OcsqF1NnstTJFGG+rrQIwfcf3aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYu
-a/GRspBl9JrmkO5K
------END CERTIFICATE-----
-
 SZAFIR ROOT CA2
 ===============
 -----BEGIN CERTIFICATE-----
@@ -3863,3 +2764,575 @@ ypnTycUm/Q1oBEauttmbjL4ZvrHG8hnjXALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLX
 is7VmFxWlgPF7ncGNf/P5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7
 zAYspsbiDrW5viSP
 -----END CERTIFICATE-----
+
+Hellenic Academic and Research Institutions RootCA 2015
+=======================================================
+-----BEGIN CERTIFICATE-----
+MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcT
+BkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0
+aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl
+YXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAx
+MTIxWjCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNV
+BAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIw
+MTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDC+Kk/G4n8PDwEXT2QNrCROnk8Zlrv
+bTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+eh
+iGsxr/CL0BgzuNtFajT0AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+
+6PAQZe104S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06CojXd
+FPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV9Cz82XBST3i4vTwr
+i5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrDgfgXy5I2XdGj2HUb4Ysn6npIQf1F
+GQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2
+fu/Z8VFRfS0myGlZYeCsargqNhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9mu
+iNX6hME6wGkoLfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc
+Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD
+AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVdctA4GGqd83EkVAswDQYJKoZI
+hvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0IXtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+
+D1hYc2Ryx+hFjtyp8iY/xnmMsVMIM4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrM
+d/K4kPFox/la/vot9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+y
+d+2VZ5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/eaj8GsGsVn
+82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnhX9izjFk0WaSrT2y7Hxjb
+davYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQl033DlZdwJVqwjbDG2jJ9SrcR5q+ss7F
+Jej6A7na+RZukYT1HCjI/CbM1xyQVqdfbzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVt
+J94Cj8rDtSvK6evIIVM4pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGa
+JI7ZjnHKe7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0vm9q
+p/UsQu0yrbYhnr68
+-----END CERTIFICATE-----
+
+Hellenic Academic and Research Institutions ECC RootCA 2015
+===========================================================
+-----BEGIN CERTIFICATE-----
+MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0
+aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u
+cyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj
+aCBJbnN0aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEw
+MzcxMlowgaoxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmlj
+IEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUQwQgYD
+VQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIEVDQyBSb290
+Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKgQehLgoRc4vgxEZmGZE4JJS+dQS8KrjVP
+dJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJajq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoK
+Vlp8aQuqgAkkbH7BRqNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O
+BBYEFLQiC4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaeplSTA
+GiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7SofTUwJCA3sS61kFyjn
+dc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
+-----END CERTIFICATE-----
+
+Certplus Root CA G1
+===================
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUAMD4xCzAJBgNV
+BAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTAe
+Fw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhD
+ZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHN
+r49aiZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt6kuJPKNx
+Qv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP0FG7Yn2ksYyy/yARujVj
+BYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTv
+LRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDEEW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2
+z4QTd28n6v+WZxcIbekN1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc
+4nBvCGrch2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCTmehd
+4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV4EJQeIQEQWGw9CEj
+jy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPOWftwenMGE9nTdDckQQoRb5fc5+R+
+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G
+A1UdDgQWBBSowcCbkahDFXxdBie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHY
+lwuBsTANBgkqhkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh
+66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7/SMNkPX0XtPG
+YX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BSS7CTKtQ+FjPlnsZlFT5kOwQ/
+2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F
+6ALEUz65noe8zDUa3qHpimOHZR4RKttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilX
+CNQ314cnrUlZp5GrRHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWe
+tUNy6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEVV/xuZDDC
+VRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5g4VCXA9DO2pJNdWY9BW/
++mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl++O/QmueD6i9a5jc2NvLi6Td11n0bt3+
+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo=
+-----END CERTIFICATE-----
+
+Certplus Root CA G2
+===================
+-----BEGIN CERTIFICATE-----
+MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4xCzAJBgNVBAYT
+AkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjAeFw0x
+NDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0
+cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BM0PW1aC3/BFGtat93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uN
+Am8xIk0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0PAQH/BAQD
+AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMB8GA1Ud
+IwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqGSM49BAMDA2gAMGUCMHD+sAvZ94OX7PNV
+HdTcswYO/jOYnYs5kGuUIe22113WTNchp+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjl
+vPl5adytRSv3tjFzzAalU5ORGpOucGpnutee5WEaXw==
+-----END CERTIFICATE-----
+
+OpenTrust Root CA G1
+====================
+-----BEGIN CERTIFICATE-----
+MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV
+BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcx
+MB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM
+CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7fa
+Yp6bwiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX/uMftk87
+ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR077F9jAHiOH3BX2pfJLKO
+YheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGPuY4zbGneWK2gDqdkVBFpRGZPTBKnjix9
+xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLxp2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO
+9z0M+Yo0FMT7MzUj8czxKselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq
+3ywgsNw2TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+WG+Oi
+n6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPwvFEVVJSmdz7QdFG9
+URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYYEQRVzXR7z2FwefR7LFxckvzluFqr
+TJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUl0YhVyE12jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/Px
+N3DlCPaTKbYwDQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E
+PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kfgLMtMrpkZ2Cv
+uVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbSFXJfLkur1J1juONI5f6ELlgK
+n0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLh
+X4SPgPL0DTatdrOjteFkdjpY3H1PXlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80
+nR14SohWZ25g/4/Ii+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcm
+GS3tTAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L9109S5zvE/
+bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/KyPu1svf0OnWZzsD2097+o
+4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJAwSQiumPv+i2tCqjI40cHLI5kqiPAlxA
+OXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj1oxx
+-----END CERTIFICATE-----
+
+OpenTrust Root CA G2
+====================
+-----BEGIN CERTIFICATE-----
+MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUAMEAxCzAJBgNV
+BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcy
+MB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM
+CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+
+Ntmh/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78eCbY2albz
+4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/61UWY0jUJ9gNDlP7ZvyCV
+eYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fEFY8ElggGQgT4hNYdvJGmQr5J1WqIP7wt
+UdGejeBSzFfdNTVY27SPJIjki9/ca1TSgSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz
+3GIZ38i1MH/1PCZ1Eb3XG7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj
+3CzMpSZyYhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaHvGOz
+9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4t/bQWVyJ98LVtZR0
+0dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/gh7PU3+06yzbXfZqfUAkBXKJOAGT
+y3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUajn6QiL35okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59
+M4PLuG53hq8wDQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz
+Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0nXGEL8pZ0keI
+mUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qTRmTFAHneIWv2V6CG1wZy7HBG
+S4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpTwm+bREx50B1ws9efAvSyB7DH5fitIw6mVskp
+EndI2S9G/Tvw/HRwkqWOOAgfZDC2t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ
+6e18CL13zSdkzJTaTkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97kr
+gCf2o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU3jg9CcCo
+SmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eAiN1nE28daCSLT7d0geX0
+YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14fWKGVyasvc0rQLW6aWQ9VGHgtPFGml4vm
+u7JwqkwR3v98KzfUetF3NI/n+UL3PIEMS1IK
+-----END CERTIFICATE-----
+
+OpenTrust Root CA G3
+====================
+-----BEGIN CERTIFICATE-----
+MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAxCzAJBgNVBAYT
+AkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEczMB4X
+DTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9w
+ZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAARK7liuTcpm3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5B
+ta1doYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4GA1UdDwEB
+/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAf
+BgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAKBggqhkjOPQQDAwNpADBmAjEAj6jcnboM
+BBf6Fek9LykBl7+BFjNAk2z8+e2AcG+qj9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta
+3U1fJAuwACEl74+nBCZx4nxp5V2a+EEfOzmTk51V6s2N8fvB
+-----END CERTIFICATE-----
+
+ISRG Root X1
+============
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE
+BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD
+EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG
+EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT
+DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r
+Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1
+3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K
+b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN
+Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ
+4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf
+1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu
+hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH
+usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r
+OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G
+A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY
+9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
+ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV
+0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt
+hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw
+TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx
+e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA
+JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD
+YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n
+JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ
+m+kXQ99b21/+jh5Xos1AnX5iItreGCc=
+-----END CERTIFICATE-----
+
+AC RAIZ FNMT-RCM
+================
+-----BEGIN CERTIFICATE-----
+MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNVBAYT
+AkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTAeFw0wODEw
+MjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJD
+TTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBALpxgHpMhm5/yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcf
+qQgfBBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAzWHFctPVr
+btQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxFtBDXaEAUwED653cXeuYL
+j2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z374jNUUeAlz+taibmSXaXvMiwzn15Cou
+08YfxGyqxRxqAQVKL9LFwag0Jl1mpdICIfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mw
+WsXmo8RZZUc1g16p6DULmbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnT
+tOmlcYF7wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peSMKGJ
+47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2ZSysV4999AeU14EC
+ll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMetUqIJ5G+GR4of6ygnXYMgrwTJbFaa
+i0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE
+FPd9xf3E6Jobd2Sn9R2gzL+HYJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1o
+dHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD
+nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1RXxlDPiyN8+s
+D8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYMLVN0V2Ue1bLdI4E7pWYjJ2cJ
+j+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrT
+Qfv6MooqtyuGC2mDOL7Nii4LcK2NJpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW
++YJF1DngoABd15jmfZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7
+Ixjp6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp1txyM/1d
+8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B9kiABdcPUXmsEKvU7ANm
+5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wokRqEIr9baRRmW1FMdW4R58MD3R++Lj8UG
+rp1MYp3/RgT408m2ECVAdf4WqslKYIYvuu8wd+RU4riEmViAqhOLUTpPSPaLtrM=
+-----END CERTIFICATE-----
+
+Amazon Root CA 1
+================
+-----BEGIN CERTIFICATE-----
+MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsFADA5MQswCQYD
+VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMB4XDTE1
+MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv
+bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALJ4gHHKeNXjca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgH
+FzZM9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qwIFAGbHrQ
+gLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6VOujw5H5SNz/0egwLX0t
+dHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L93FcXmn/6pUCyziKrlA4b9v7LWIbxcce
+VOF34GfID5yHI9Y/QCB/IIDEgEw+OyQmjgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3
+DQEBCwUAA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDIU5PM
+CCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUsN+gDS63pYaACbvXy
+8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vvo/ufQJVtMVT8QtPHRh8jrdkPSHCa
+2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2
+xJNDd2ZhwLnoQdeXeGADbkpyrqXRfboQnoZsG4q5WTP468SQvvG5
+-----END CERTIFICATE-----
+
+Amazon Root CA 2
+================
+-----BEGIN CERTIFICATE-----
+MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwFADA5MQswCQYD
+VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAyMB4XDTE1
+MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv
+bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAK2Wny2cSkxKgXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4
+kHbZW0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg1dKmSYXp
+N+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K8nu+NQWpEjTj82R0Yiw9
+AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvd
+fLC6HM783k81ds8P+HgfajZRRidhW+mez/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAEx
+kv8LV/SasrlX6avvDXbR8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSS
+btqDT6ZjmUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz7Mt0
+Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6+XUyo05f7O0oYtlN
+c/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI0u1ufm8/0i2BWSlmy5A5lREedCf+
+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSw
+DPBMMPQFWAJI/TPlUq9LhONmUjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oA
+A7CXDpO8Wqj2LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY
++gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kSk5Nrp+gvU5LE
+YFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl7uxMMne0nxrpS10gxdr9HIcW
+xkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygmbtmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQ
+gj9sAq+uEjonljYE1x2igGOpm/HlurR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbW
+aQbLU8uz/mtBzUF+fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoV
+Yh63n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE76KlXIx3
+KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H9jVlpNMKVv/1F2Rs76gi
+JUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT4PsJYGw=
+-----END CERTIFICATE-----
+
+Amazon Root CA 3
+================
+-----BEGIN CERTIFICATE-----
+MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5MQswCQYDVQQG
+EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAzMB4XDTE1MDUy
+NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ
+MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZB
+f8ANm+gBG1bG8lKlui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjr
+Zt6jQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSrttvXBp43
+rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkrBqWTrBqYaGFy+uGh0Psc
+eGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteMYyRIHN8wfdVoOw==
+-----END CERTIFICATE-----
+
+Amazon Root CA 4
+================
+-----BEGIN CERTIFICATE-----
+MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5MQswCQYDVQQG
+EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSA0MB4XDTE1MDUy
+NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ
+MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN
+/sGKe0uoe0ZLY7Bi9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri
+83BkM6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WBMAoGCCqGSM49BAMDA2gA
+MGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlwCkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1
+AE47xDqUEpHJWEadIRNyp4iciuRMStuW1KyLa2tJElMzrdfkviT8tQp21KW8EA==
+-----END CERTIFICATE-----
+
+LuxTrust Global Root 2
+======================
+-----BEGIN CERTIFICATE-----
+MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQELBQAwRjELMAkG
+A1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNVBAMMFkx1eFRydXN0IEdsb2Jh
+bCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUwMzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEW
+MBQGA1UECgwNTHV4VHJ1c3QgUy5BLjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wm
+Kb3FibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTemhfY7RBi2
+xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1EMShduxq3sVs35a0VkBC
+wGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsnXpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm
+1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkm
+FRseTJIpgp7VkoGSQXAZ96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niF
+wpN6cj5mj5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4gDEa/
+a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+8kPREd8vZS9kzl8U
+ubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2jX5t/Lax5Gw5CMZdjpPuKadUiDTSQ
+MC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmHhFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB
+/zBCBgNVHSAEOzA5MDcGByuBKwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5
+Lmx1eHRydXN0Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT
++Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQELBQADggIBAGoZ
+FO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9BzZAcg4atmpZ1gDlaCDdLnIN
+H2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTOjFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW
+7MM3LGVYvlcAGvI1+ut7MV3CwRI9loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIu
+ZY+kt9J/Z93I055cqqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWA
+VWe+2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/JEAdemrR
+TxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKrezrnK+T+Tb/mjuuqlPpmt
+/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQfLSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc
+7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31I
+iyBMz2TWuJdGsE7RKlY6oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr
+-----END CERTIFICATE-----
+
+TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
+=============================================
+-----BEGIN CERTIFICATE-----
+MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIxGDAWBgNVBAcT
+D0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxpbXNlbCB2ZSBUZWtub2xvamlr
+IEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0wKwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24g
+TWVya2V6aSAtIEthbXUgU00xNjA0BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRp
+ZmlrYXNpIC0gU3VydW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYD
+VQQGEwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXllIEJpbGlt
+c2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklUQUsxLTArBgNVBAsTJEth
+bXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBTTTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11
+IFNNIFNTTCBLb2sgU2VydGlmaWthc2kgLSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAr3UwM6q7a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y8
+6Ij5iySrLqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INrN3wc
+wv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2XYacQuFWQfw4tJzh0
+3+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/iSIzL+aFCr2lqBs23tPcLG07xxO9
+WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4fAJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQU
+ZT/HiobGPN08VFw1+DrtUgxHV8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJ
+KoZIhvcNAQELBQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh
+AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPfIPP54+M638yc
+lNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4lzwDGrpDxpa5RXI4s6ehlj2R
+e37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0j
+q5Rm+K37DwhuJi1/FwcJsoz7UMCflo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM=
+-----END CERTIFICATE-----
+
+GDCA TrustAUTH R5 ROOT
+======================
+-----BEGIN CERTIFICATE-----
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UEBhMCQ04xMjAw
+BgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8wHQYDVQQD
+DBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVow
+YjELMAkGA1UEBhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJjDp6L3TQs
+AlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBjTnnEt1u9ol2x8kECK62p
+OqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+uKU49tm7srsHwJ5uu4/Ts765/94Y9cnrr
+pftZTqfrlYwiOXnhLQiPzLyRuEH3FMEjqcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ
+9Cy5WmYqsBebnh52nUpmMUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQ
+xXABZG12ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloPzgsM
+R6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3GkL30SgLdTMEZeS1SZ
+D2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeCjGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4
+oR24qoAATILnsn8JuLwwoC8N9VKejveSswoAHQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx
+9hoh49pwBiFYFIeFd3mqgnkCAwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlR
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZmDRd9FBUb1Ov9
+H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5COmSdI31R9KrO9b7eGZONn35
+6ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ryL3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd
++PwyvzeG5LuOmCd+uh8W4XAR8gPfJWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQ
+HtZa37dG/OaG+svgIHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBD
+F8Io2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV09tL7ECQ
+8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQXR4EzzffHqhmsYzmIGrv
+/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrqT8p+ck0LcIymSLumoRT2+1hEmRSuqguT
+aaApJUqlyyvdimYHFngVV3Eb7PVHhPOeMTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g==
+-----END CERTIFICATE-----
+
+TrustCor RootCert CA-1
+======================
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYDVQQGEwJQQTEP
+MA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1c3RDb3Ig
+U3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3Jp
+dHkxHzAdBgNVBAMMFlRydXN0Q29yIFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkx
+MjMxMTcyMzE2WjCBpDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFu
+YW1hIENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUGA1UECwwe
+VHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZUcnVzdENvciBSb290Q2Vy
+dCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv463leLCJhJrMxnHQFgKq1mq
+jQCj/IDHUHuO1CAmujIS2CNUSSUQIpidRtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4
+pQa81QBeCQryJ3pS/C3Vseq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0
+JEsq1pme9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CVEY4h
+gLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorWhnAbJN7+KIor0Gqw
+/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/DeOxCbeKyKsZn3MzUOcwHwYDVR0j
+BBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AYYwDQYJKoZIhvcNAQELBQADggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5
+mDo4Nvu7Zp5I/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZyonnMlo2HD6C
+qFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djtsL1Ac59v2Z3kf9YKVmgenFK+P
+3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdNzl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+
+TrustCor RootCert CA-2
+======================
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNVBAYTAlBBMQ8w
+DQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBT
+eXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0
+eTEfMB0GA1UEAwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEy
+MzExNzI2MzlaMIGkMQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5h
+bWEgQ2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29yIFJvb3RDZXJ0
+IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnIG7CKqJiJJWQdsg4foDSq8Gb
+ZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9Nk
+RvRUqdw6VC0xK5mC8tkq1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1
+oYxOdqHp2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nKDOOb
+XUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hapeaz6LMvYHL1cEksr1
+/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF3wP+TfSvPd9cW436cOGlfifHhi5q
+jxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQP
+eSghYA2FFn3XVDjxklb9tTNMg9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+Ctg
+rKAmrhQhJ8Z3mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAdBgNVHQ4EFgQU
+2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6UnrybPZx9mCAZ5YwwYrIwDwYD
+VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/h
+Osh80QA9z+LqBrWyOrsGS2h60COXdKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnp
+kpfbsEZC89NiqpX+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv
+2wnL/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RXCI/hOWB3
+S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYaZH9bDTMJBzN7Bj8RpFxw
+PIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dv
+DDqPys/cA8GiCcjl/YBeyGBCARsaU1q7N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYU
+RpFHmygk71dSTlxCnKr3Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANE
+xdqtvArBAs8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp5KeX
+RKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu1uwJ
+-----END CERTIFICATE-----
+
+TrustCor ECA-1
+==============
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYDVQQGEwJQQTEP
+MA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEkMCIGA1UECgwbVHJ1c3RDb3Ig
+U3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3Jp
+dHkxFzAVBgNVBAMMDlRydXN0Q29yIEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3Mjgw
+N1owgZwxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5
+MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRydXN0Q29y
+IENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3IgRUNBLTEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb3w9U73NjKYKtR8aja+3+XzP4Q1HpGjOR
+MRegdMTUpwHmspI+ap3tDvl0mEDTPwOABoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23
+xFUfJ3zSCNV2HykVh0A53ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmc
+p0yJF4OuowReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/wZ0+
+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZFZtS6mFjBAgMBAAGj
+YzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAfBgNVHSMEGDAWgBREnkj1zG1I1KBL
+f/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF
+AAOCAQEABT41XBVwm8nHc2FvcivUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u
+/ukZMjgDfxT2AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50soIipX1TH0Xs
+J5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BIWJZpTdwHjFGTot+fDz2LYLSC
+jaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1WitJ/X5g==
+-----END CERTIFICATE-----
+
+SSL.com Root Certification Authority RSA
+========================================
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxDjAM
+BgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24x
+MTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYw
+MjEyMTczOTM5WhcNNDEwMjEyMTczOTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMx
+EDAOBgNVBAcMB0hvdXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NM
+LmNvbSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2RxFdHaxh3a3by/ZPkPQ/C
+Fp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aXqhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8
+P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcCC52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/ge
+oeOy3ZExqysdBP+lSgQ36YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkp
+k8zruFvh/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrFYD3Z
+fBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93EJNyAKoFBbZQ+yODJ
+gUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVcUS4cK38acijnALXRdMbX5J+tB5O2
+UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi8
+1xtZPCvM8hnIk2snYxnP/Okm+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4s
+bE6x/c+cCbqiM+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4GA1UdDwEB/wQE
+AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGVcpNxJK1ok1iOMq8bs3AD/CUr
+dIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBcHadm47GUBwwyOabqG7B52B2ccETjit3E+ZUf
+ijhDPwGFpUenPUayvOUiaPd7nNgsPgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAsl
+u1OJD7OAUN5F7kR/q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjq
+erQ0cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jra6x+3uxj
+MxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90IH37hVZkLId6Tngr75qNJ
+vTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/YK9f1JmzJBjSWFupwWRoyeXkLtoh/D1JI
+Pb9s2KJELtFOt3JY04kTlf5Eq/jXixtunLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406y
+wKBjYZC6VWg3dGq2ktufoYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NI
+WuuA8ShYIc2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+
+SSL.com Root Certification Authority ECC
+========================================
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMCVVMxDjAMBgNV
+BAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xMTAv
+BgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEy
+MTgxNDAzWhcNNDEwMjEyMTgxNDAzWjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAO
+BgNVBAcMB0hvdXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI7Z4INcgn64mMU1jrYor+
+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPgCemB+vNH06NjMGEwHQYDVR0OBBYEFILR
+hXMw5zUE044CkvvlpNHEIejNMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTT
+jgKS++Wk0cQh6M0wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCW
+e+0F+S8Tkdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+gA0z
+5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+
+SSL.com EV Root Certification Authority RSA R2
+==============================================
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMQ4w
+DAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9u
+MTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MB4XDTE3MDUzMTE4MTQzN1oXDTQyMDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQI
+DAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYD
+VQQDDC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvqM0fNTPl9fb69LT3w23jh
+hqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssufOePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7w
+cXHswxzpY6IXFJ3vG2fThVUCAtZJycxa4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTO
+Zw+oz12WGQvE43LrrdF9HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+
+B6KjBSYRaZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcAb9Zh
+CBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQGp8hLH94t2S42Oim
+9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQVPWKchjgGAGYS5Fl2WlPAApiiECto
+RHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMOpgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+Slm
+JuwgUHfbSguPvuUCYHBBXtSuUDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48
++qvWBkofZ6aYMBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa49QaAJadz20Zp
+qJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBWs47LCp1Jjr+kxJG7ZhcFUZh1
+++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nx
+Y/hoLVUE0fKNsKTPvDxeH3jnpaAgcLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2G
+guDKBAdRUNf/ktUM79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDz
+OFSz/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXtll9ldDz7
+CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEmKf7GUmG6sXP/wwyc5Wxq
+lD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKKQbNmC1r7fSOl8hqw/96bg5Qu0T/fkreR
+rwU7ZcegbLHNYhLDkBvjJc40vG93drEQw/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1
+hlMYegouCRw2n5H9gooiS9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX
+9hwJ1C07mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w==
+-----END CERTIFICATE-----
+
+SSL.com EV Root Certification Authority ECC
+===========================================
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMCVVMxDjAMBgNV
+BAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNDAy
+BgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYw
+MjEyMTgxNTIzWhcNNDEwMjEyMTgxNTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMx
+EDAOBgNVBAcMB0hvdXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NM
+LmNvbSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMAVIbc/R/fALhBYlzccBYy
+3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1KthkuWnBaBu2+8KGwytAJKaNjMGEwHQYDVR0O
+BBYEFFvKXuXe0oGqzagtZFG22XKbl+ZPMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe
+5d7SgarNqC1kUbbZcpuX5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJ
+N+vp1RPZytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZgh5Mm
+m7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg==
+-----END CERTIFICATE-----
diff --git a/source/n/curl/curl.SlackBuild b/source/n/curl/curl.SlackBuild
index ef271cfda..719930486 100755
--- a/source/n/curl/curl.SlackBuild
+++ b/source/n/curl/curl.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2013, 2014, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2014, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=curl
-VERSION=${VERSION:-$(echo curl-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo curl-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
@@ -35,9 +36,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-curl
 
@@ -62,8 +70,8 @@ rm -rf $PKG
 mkdir -p $PKG
 cd $TMP
 rm -rf curl-$VERSION
-tar xvf $CWD/curl-$VERSION.tar.bz2 || exit 1
-cd curl-$VERSION
+tar xvf $CWD/curl-$VERSION.tar.xz || exit 1
+cd curl-$VERSION || exit 1
 
 chown -R root:root .
 find . \
@@ -78,12 +86,25 @@ CFLAGS="$SLKCFLAGS" \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
   --mandir=/usr/man \
   --with-ca-bundle=/usr/share/curl/ca-bundle.crt \
+  --with-libssh2 \
   --enable-static=no \
-  $SSLOPT
+  $SSLOPT || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
+# We have always installed the man3 documentation, so we'll keep doing it
+# even though these are no longer installed by default. No || exit 1, if
+# it works, it works, and if it doesn't, we tried.
+( cd docs/libcurl
+  make install-man3 DESTDIR=$PKG
+  cd opts
+  make install-man3 DESTDIR=$PKG
+)
+
 mkdir -p $PKG/usr/share/curl
 cp -a $CWD/cacert.pem.bz2 $PKG/usr/share/curl
 ( cd $PKG/usr/share/curl
@@ -106,7 +127,6 @@ cp -a \
   COPYING* README* UPGRADE \
   $PKG/usr/doc/curl-$VERSION
 ( cd docs
-  rm -rf Makefile* curl-config.1 curl-config.html curl.1 curl.html libcurl
   cp -a \
     BUGS CONTRIBUTE FAQ FEATURES INSTALL INTERNALS MANUAL README* RESOURCES THANKS TODO examples \
     $PKG/usr/doc/curl-$VERSION )
diff --git a/source/n/curl/curl.url b/source/n/curl/curl.url
new file mode 100644
index 000000000..bea0d39be
--- /dev/null
+++ b/source/n/curl/curl.url
@@ -0,0 +1 @@
+https://curl.haxx.se/download
diff --git a/source/n/curl/slack-desc b/source/n/curl/slack-desc
index 0fe5c532c..0c68e4dd5 100644
--- a/source/n/curl/slack-desc
+++ b/source/n/curl/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 curl: curl (command line URL data transfer tool)
 curl:
 curl: Curl is a command line tool for transferring data specified with URL
-curl: syntax.  The command is designed to work without user interaction or
-curl: any kind of interactivity.   Curl offers a busload of useful tricks
+curl: syntax. The command is designed to work without user interaction or
+curl: any kind of interactivity.  Curl offers a busload of useful tricks
 curl: like proxy support, user authentication, ftp upload, HTTP post,  SSL
 curl: (https:) connections, cookies, file transfer resume and more.
 curl:
diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch
deleted file mode 100644
index ce9b5e256..000000000
--- a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-diff -up cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c
---- cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt	2012-01-28 00:31:36.000000000 +0100
-+++ cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c	2012-12-20 17:00:14.614580310 +0100
-@@ -31,7 +31,7 @@ char *pwcheck(userid, password)
- char *userid;
- char *password;
- {
--    char* r;
-+    char* r, *cryptbuf;
-     struct passwd *pwd;
- 
-     pwd = getpwnam(userid);
-@@ -41,11 +41,13 @@ char *password;
-     else if (pwd->pw_passwd[0] == '*') {
- 	r = "Account disabled";
-     }
--    else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
--	r = "Incorrect password";
--    }
-     else {
--	r = "OK";
-+	cryptbuf = crypt(password, pwd->pw_passwd);
-+	if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) {
-+	   r = "Incorrect password";
-+	} else {
-+	   r = "OK";
-+	}
-     }
- 
-     endpwent();
-diff -up cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c
---- cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt	2012-10-12 16:05:48.000000000 +0200
-+++ cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c	2012-12-20 17:03:17.940793653 +0100
-@@ -78,6 +78,7 @@ auth_getpwent (
-     /* VARIABLES */
-     struct passwd *pw;			/* pointer to passwd file entry */
-     int errnum;
-+    char *cryptbuf;
-     /* END VARIABLES */
-   
-     errno = 0;
-@@ -105,7 +106,8 @@ auth_getpwent (
- 	}
-     }
- 
--    if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
-+    cryptbuf = crypt(password, pw->pw_passwd);
-+    if ((cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) {
- 	if (flags & VERBOSE) {
- 	    syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
- 	}
-diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_shadow.c
---- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt	2012-12-20 17:00:14.000000000 +0100
-+++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c	2012-12-20 17:16:44.190360006 +0100
-@@ -214,8 +214,8 @@ auth_shadow (
- 	RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
-     }
- 
--    cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
--    if (strcmp(sp->sp_pwdp, cpw)) {
-+    cpw = crypt(password, sp->sp_pwdp);
-+    if ((cpw == NULL) || strcmp(sp->sp_pwdp, cpw)) {
- 	if (flags & VERBOSE) {
- 	    /*
- 	     * This _should_ reveal the SHADOW_PW_LOCKED prefix to an
-@@ -225,10 +225,8 @@ auth_shadow (
- 	    syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
- 		   sp->sp_pwdp, cpw);
- 	}
--	free(cpw);
- 	RETURN("NO Incorrect password");
-     }
--    free(cpw);
- 
-     /*
-      * The following fields will be set to -1 if:
-@@ -290,7 +288,8 @@ auth_shadow (
- 	RETURN("NO Invalid username");
-     }
-   
--    if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
-+    cpw = crypt(password, upw->upw_passwd);
-+    if ((cpw == NULL) || strcmp(upw->upw_passwd, cpw) != 0) {
- 	if (flags & VERBOSE) {
- 	    syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
- 		   password, upw->upw_passwd);
diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch
deleted file mode 100644
index cde823835..000000000
--- a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up cyrus-sasl-2.1.26/include/sasl.h.size_t cyrus-sasl-2.1.26/include/sasl.h
---- cyrus-sasl-2.1.26/include/sasl.h.size_t	2012-10-12 09:05:48.000000000 -0500
-+++ cyrus-sasl-2.1.26/include/sasl.h	2013-01-31 13:21:04.007739327 -0600
-@@ -223,6 +223,8 @@ extern "C" {
-  * they must be called before all other SASL functions:
-  */
- 
-+#include <sys/types.h>
-+
- /* memory allocation functions which may optionally be replaced:
-  */
- typedef void *sasl_malloc_t(size_t);
diff --git a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild
index 0cbad20a9..97a242c55 100755
--- a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild
+++ b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013, 2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2013, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=cyrus-sasl
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | cut -f 3- -d - | rev | cut -f 3- -d . | rev)}
 BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
@@ -34,7 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-cyrus-sasl
 
@@ -57,11 +66,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf cyrus-sasl-$VERSION
 tar xvf $CWD/cyrus-sasl-$VERSION.tar.?z* || exit 1
-cd cyrus-sasl-$VERSION || exit 1
-
-# Fix for glibc-2.17 crypt() NULL return:
-zcat $CWD/cyrus-sasl-2.1.26-null-crypt.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/cyrus-sasl-2.1.26-size_t.patch.gz | patch -p1 --verbose || exit 1
+cd cyrus-sasl-$(echo $VERSION | cut -f 1 -d -) || exit 1
 
 chown -R root:root .
 find . -perm 777 -exec chmod 755 {} \;
@@ -81,33 +86,35 @@ CFLAGS="$SLKCFLAGS" \
   --without-ldap \
   --with-saslauthd \
   --with-gdbm \
-  --with-dblib=gdbm
+  --with-devrandom=/dev/urandom \
+  --with-dblib=gdbm || exit 1
+
 # How stupid that I need to specify 'sasldir' again for 'make' or else you get
 # the warning "Plugins are being installed into /usr/lib/sasl2, but the library
 # will look for them in /usr/lib64/sasl2" and advised to create a symlink...
 make sasldir=/usr/lib${LIBDIRSUFFIX}/sasl2 || exit 1
 make sasldir=/usr/lib${LIBDIRSUFFIX}/sasl2 install DESTDIR=$PKG || exit 1
 
-# NOTE:  I'd _like_ to get rid of these, but they are already tangled into
-# other .la files, and then those packages would need to be recompiled.  And
-# likely I'd want to get rid of those .la files, which would lead to more
-# fallout, etc, etc.  So we'll put these back and plan a giant .la eradication
-# effort early in a future development cycle.
-#
-# Don't ship .la files.
-#rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la $PKG/usr/lib${LIBDIRSUFFIX}/sasl2/*.la
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
 
 ( cd $PKG
   find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
   find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 )
+
 mkdir -p $PKG/var/state/saslauthd
 mkdir -p $PKG/etc/rc.d
+mkdir -p $PKG/etc/sasl2
+
 zcat $CWD/rc.saslauthd.gz > $PKG/etc/rc.d/rc.saslauthd.new
+
 # Fix sloppy man page installation:
 rm -r $PKG/usr/man/cat8
 cat saslauthd/saslauthd.mdoc > $PKG/usr/man/man8/saslauthd.8
 gzip -9 $PKG/usr/man/man?/*.?
+
+# Add other documentation:
 mkdir -p $PKG/usr/doc/cyrus-sasl-$VERSION
 cp -a \
   AUTHORS COPYING* INSTALL NEWS README* \
@@ -115,10 +122,11 @@ cp -a \
   $PKG/usr/doc/cyrus-sasl-$VERSION
 find $PKG/usr/doc/cyrus-sasl-$VERSION -type f -exec chmod 644 {} \;
 rm -f $PKG/usr/doc/cyrus-sasl-$VERSION/doc/*Makefile*
+
 mkdir -p $PKG/install
 zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
-makepkg -l y -c n $TMP/cyrus-sasl-$VERSION-$ARCH-$BUILD.txz
+makepkg -l y -c n $TMP/cyrus-sasl-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz
 
diff --git a/source/n/cyrus-sasl/cyrus-sasl.url b/source/n/cyrus-sasl/cyrus-sasl.url
new file mode 100644
index 000000000..305d0f348
--- /dev/null
+++ b/source/n/cyrus-sasl/cyrus-sasl.url
@@ -0,0 +1 @@
+ftp://ftp.cyrusimap.org/cyrus-sasl/
diff --git a/source/n/cyrus-sasl/slack-desc b/source/n/cyrus-sasl/slack-desc
index f437c6a67..e714c71b6 100644
--- a/source/n/cyrus-sasl/slack-desc
+++ b/source/n/cyrus-sasl/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
           |-----handy-ruler------------------------------------------------------|
 cyrus-sasl: cyrus-sasl (Simple Authentication and Security Layer)
 cyrus-sasl:
-cyrus-sasl: This is the Cyrus SASL library.  Cyrus SASL is used by mail programs 
+cyrus-sasl: This is the Cyrus SASL library. Cyrus SASL is used by mail programs 
 cyrus-sasl: on the client or server side to provide authentication and
-cyrus-sasl: authorization services.  See RFC 2222 for more information.
+cyrus-sasl: authorization services. See RFC 2222 for more information.
 cyrus-sasl:
 cyrus-sasl:
 cyrus-sasl:
diff --git a/source/n/dhcp/dhclient-script.PATH.diff b/source/n/dhcp/dhclient-script.PATH.diff
index 5dfe9f09c..567ed2a4f 100644
--- a/source/n/dhcp/dhclient-script.PATH.diff
+++ b/source/n/dhcp/dhclient-script.PATH.diff
@@ -1,13 +1,13 @@
-diff -Nur dhcp-4.1.1.orig//client/scripts/linux dhcp-4.1.1/client/scripts/linux
---- dhcp-4.1.1.orig//client/scripts/linux	2009-04-21 09:21:09.000000000 -0500
-+++ dhcp-4.1.1/client/scripts/linux	2010-03-03 09:14:33.261713322 -0600
-@@ -22,6 +22,9 @@
+--- ./client/scripts/linux.orig	2017-07-25 08:39:54.000000000 -0500
++++ ./client/scripts/linux	2017-08-03 15:31:41.067873392 -0500
+@@ -22,6 +22,10 @@
  # 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious
  # of the $1 in its args.
  
++# Set a reasonable default path for Linux:
 +PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
 +export PATH
 +
- # 'ip' just looks too weird.  /sbin/ip looks less weird.
- ip=/sbin/ip
- 
+ # 5. Script refresh in 2017. The aliasing code was too convoluted and needs
+ # to go away. Migrated DHCPv4 script to ip command from iproute2 suite.
+ # This is based on Debian script with some tweaks. ifconfig is no longer
diff --git a/source/n/dhcp/dhcp.SlackBuild b/source/n/dhcp/dhcp.SlackBuild
index ba3b6392d..62e65e558 100755
--- a/source/n/dhcp/dhcp.SlackBuild
+++ b/source/n/dhcp/dhcp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,12 +20,13 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=dhcp
 # Leave this one .gz as other compressors do not help much and we can keep
 # the original upstream .asc
 VERSION=${VERSION:-$(basename $(echo $PKGNAM-*.tar.gz | cut -f 2- -d -) .tar.gz)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 PKG_VERSION=$(echo $VERSION | tr - _)
 
@@ -41,7 +42,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$PKG_VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-dhcp
 
@@ -99,7 +107,8 @@ CFLAGS="$SLKCFLAGS" \
   --with-srv-lease-file=/var/state/dhcp/dhcpd.leases \
   --with-srv6-lease-file=/var/state/dhcp/dhcpd6.leases \
   --with-cli-lease-file=/var/state/dhcp/dhclient.leases \
-  --with-cli6-lease-file=/var/state/dhcp/dhclient6.leases
+  --with-cli6-lease-file=/var/state/dhcp/dhclient6.leases || exit 1
+
 # Default pid dir is still /var/run, so no need to declare it
 
 make $NUMJOBS || make || exit 1
diff --git a/source/n/dhcp/slack-desc b/source/n/dhcp/slack-desc
index f586e4e1b..9fb272ff2 100644
--- a/source/n/dhcp/slack-desc
+++ b/source/n/dhcp/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 dhcp: dhcp (DHCP server and client utilities)
 dhcp:
 dhcp: This package provides the ISC's DHCP utilities, including both a
-dhcp: server and client.  The DHCP protocol allows a host to contact a
+dhcp: server and client. The DHCP protocol allows a host to contact a
 dhcp: central server which maintains a list of IP addresses which may be
-dhcp: assigned on one or more subnets.   A DHCP client may request an
+dhcp: assigned on one or more subnets.  A DHCP client may request an
 dhcp: address from this pool, and then use it temporarily for communication
-dhcp: on the network.   The DHCP protocol also provides a mechanism whereby
+dhcp: on the network.  The DHCP protocol also provides a mechanism whereby
 dhcp: a client can learn important details about the network to which it is
 dhcp: attached, such as the location of a default router or name server.
 dhcp:
diff --git a/source/n/dhcpcd/dhcpcd-7.0.4.tar.xz.distinfo b/source/n/dhcpcd/dhcpcd-7.0.4.tar.xz.distinfo
new file mode 100644
index 000000000..b530ad204
--- /dev/null
+++ b/source/n/dhcpcd/dhcpcd-7.0.4.tar.xz.distinfo
@@ -0,0 +1 @@
+SHA256 (dhcpcd-7.0.4.tar.xz) = 1fa414be34383578e2c343dfc8cdcb95e2da74f62121b394c88d60698c889a78
diff --git a/source/n/dhcpcd/dhcpcd.SlackBuild b/source/n/dhcpcd/dhcpcd.SlackBuild
index f8b937d3b..56c33a42d 100755
--- a/source/n/dhcpcd/dhcpcd.SlackBuild
+++ b/source/n/dhcpcd/dhcpcd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013, 2014  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2014, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=${VERSION:-$(echo dhcpcd-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+PKGNAM=dhcpcd
+VERSION=${VERSION:-$(echo dhcpcd-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-dhcpcd
 
@@ -58,7 +67,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf dhcpcd-$VERSION
-tar xvf $CWD/dhcpcd-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/dhcpcd-$VERSION.tar.?z || exit 1
 cd dhcpcd-$VERSION
 chown -R root:root .
 find . \
@@ -68,6 +77,8 @@ find . \
  -exec chmod 644 {} \;
 
 patch -p1 < $CWD/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch || exit 1
+patch -p1 < $CWD/patches/use-hostname_short-in-dhcpcd.conf.patch || exit 1
+patch -p1 < $CWD/patches/dhcpcd.conf-request_ntp_server_by_default.patch || exit 1
 
 # At this point, it should be safe to assume that /var will be mounted by the
 # time dhcpcd is called, as all non-root local filesystems are mounted from
@@ -84,8 +95,8 @@ CFLAGS="$SLKCFLAGS" \
   --dbdir=/var/lib/dhcpcd \
   --libexecdir=/lib/dhcpcd \
   --mandir=/usr/man \
-  --rundir=/run/dhcpcd \
-  --build=$ARCH-slackware-linux
+  --rundir=/run \
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG HOOKSCRIPTS="50-ntp.conf 50-yp.conf" || exit 1
diff --git a/source/n/dhcpcd/dhcpcd.url b/source/n/dhcpcd/dhcpcd.url
new file mode 100644
index 000000000..4f90b451f
--- /dev/null
+++ b/source/n/dhcpcd/dhcpcd.url
@@ -0,0 +1 @@
+ftp://roy.marples.name/pub/dhcpcd
diff --git a/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch b/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch
index 464d54bd9..061d5c0f8 100644
--- a/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch
+++ b/source/n/dhcpcd/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch
@@ -1,26 +1,11 @@
-From d968ff96e1e4354c591e49fe79b4f4ce0e553f61 Mon Sep 17 00:00:00 2001
-From: Robby Workman <rworkman@slackware.com>
-Date: Sun, 11 Aug 2013 23:12:57 -0500
-Subject: [PATCH 2/2] dhcpcd.conf: Don't invoke wpa_supplicant by default
-
-Slackware's network init script (rc.inet1) and/or
-NetworkManager itself handles this just fine.
----
- dhcpcd.conf | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/dhcpcd.conf b/dhcpcd.conf
-index 349c6f2..30aacca 100644
---- a/dhcpcd.conf
-+++ b/dhcpcd.conf
-@@ -30,3 +30,7 @@ require dhcp_server_identifier
- # A hook script is provided to lookup the hostname if not set by the DHCP
- # server, but it should not be run by default.
- nohook lookup-hostname
+diff -Nur dhcpcd-7.0.0.orig/src/dhcpcd.conf dhcpcd-7.0.0/src/dhcpcd.conf
+--- dhcpcd-7.0.0.orig/src/dhcpcd.conf	2018-01-01 05:17:56.000000000 -0600
++++ dhcpcd-7.0.0/src/dhcpcd.conf	2018-01-02 04:15:43.026058268 -0600
+@@ -39,3 +39,7 @@
+ #slaac hwaddr
+ # OR generate Stable Private IPv6 Addresses based from the DUID
+ slaac private
 +
 +# We run wpa_supplicant from rc.inet1 and/or NM handles it on its own
 +nohook wpa_supplicant
 +
--- 
-1.8.3.2
-
diff --git a/source/n/dhcpcd/patches/dhcpcd.conf-request_ntp_server_by_default.patch b/source/n/dhcpcd/patches/dhcpcd.conf-request_ntp_server_by_default.patch
new file mode 100644
index 000000000..10589e43c
--- /dev/null
+++ b/source/n/dhcpcd/patches/dhcpcd.conf-request_ntp_server_by_default.patch
@@ -0,0 +1,12 @@
+diff -Nur dhcpcd-7.0.0.orig/src/dhcpcd.conf dhcpcd-7.0.0/src/dhcpcd.conf
+--- dhcpcd-7.0.0.orig/src/dhcpcd.conf	2018-01-01 05:17:56.000000000 -0600
++++ dhcpcd-7.0.0/src/dhcpcd.conf	2018-01-02 04:19:53.997148193 -0600
+@@ -30,7 +30,7 @@
+ option interface_mtu
+ 
+ # Most distributions have NTP support.
+-#option ntp_servers
++option ntp_servers
+ 
+ # A ServerID is required by RFC2131.
+ require dhcp_server_identifier
diff --git a/source/n/dhcpcd/patches/use-hostname_short-in-dhcpcd.conf.patch b/source/n/dhcpcd/patches/use-hostname_short-in-dhcpcd.conf.patch
new file mode 100644
index 000000000..077aa17be
--- /dev/null
+++ b/source/n/dhcpcd/patches/use-hostname_short-in-dhcpcd.conf.patch
@@ -0,0 +1,12 @@
+diff -Nur dhcpcd-7.0.0.orig/src/dhcpcd.conf dhcpcd-7.0.0/src/dhcpcd.conf
+--- dhcpcd-7.0.0.orig/src/dhcpcd.conf	2018-01-01 05:17:56.000000000 -0600
++++ dhcpcd-7.0.0/src/dhcpcd.conf	2018-01-02 04:14:37.026484155 -0600
+@@ -5,7 +5,7 @@
+ #controlgroup wheel
+ 
+ # Inform the DHCP server of our hostname for DDNS.
+-hostname
++hostname_short
+ 
+ # Use the hardware address of the interface for the Client ID.
+ #clientid
diff --git a/source/n/dhcpcd/slack-desc b/source/n/dhcpcd/slack-desc
index 04859d7cb..1f9e4a835 100644
--- a/source/n/dhcpcd/slack-desc
+++ b/source/n/dhcpcd/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
 dhcpcd: dhcpcd (DHCP client daemon)
 dhcpcd:
 dhcpcd: The DHCP client program dhcpcd is used to connect to a network by
-dhcpcd: contacting a DHCP server.  dhcpcd gets an IP address and other
+dhcpcd: contacting a DHCP server. dhcpcd gets an IP address and other
 dhcpcd: information from a corresponding DHCP server, configures the network
 dhcpcd: interface automatically, and tries to renew the lease time according
 dhcpcd: to RFC2131 or RFC1541 depending on the command line option.
 dhcpcd:
-dhcpcd:
+dhcpcd: Homepage: https://roy.marples.name/projects/dhcpcd
 dhcpcd:
 dhcpcd:
diff --git a/source/n/dirmngr/dirmngr-pth-fix.patch b/source/n/dirmngr/dirmngr-pth-fix.patch
deleted file mode 100644
index 862458ed1..000000000
--- a/source/n/dirmngr/dirmngr-pth-fix.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Index: src/dirmngr.c
-===================================================================
---- src/dirmngr.c	(revision 348)
-+++ src/dirmngr.c	(working copy)
-@@ -665,8 +665,11 @@
-      the option parsing may need services of the libraries. */
- 
-   /* Libgcrypt requires us to register the threading model first.
--     Note that this will also do the pth_init. */
-+     Note that this will also do the pth_init for libgcrypt < 1.6 */
- 
-+#if GCRYPT_VERSION_NUMBER >= 0x010600
-+  pth_init ();
-+#endif
-   /* Init Libgcrypt. */
-   rc = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth);
-   if (rc)
diff --git a/source/n/dirmngr/slack-desc b/source/n/dirmngr/slack-desc
deleted file mode 100644
index f0473c7be..000000000
--- a/source/n/dirmngr/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-       |-----handy-ruler------------------------------------------------------|
-dirmngr: CRL (Certificate Revocation Lists Manager)
-dirmngr:
-dirmngr: Dirmngr is a server for managing and downloading certificate
-dirmngr: revocation lists (CRLs) for X.509 certificates and for downloading
-dirmngr: the certificates themselves.  Dirmngr also handles OCSP requests as
-dirmngr: an alternative to CRLs.  Dirmngr is either invoked internally by
-dirmngr: gpgsm (from gnupg 2.x) or when running as a system daemon through
-dirmngr: the dirmngr-client tool.
-dirmngr:
-dirmngr:
-dirmngr:
diff --git a/source/n/dnsmasq/dnsmasq.SlackBuild b/source/n/dnsmasq/dnsmasq.SlackBuild
index 7003af142..3ad8ca389 100755
--- a/source/n/dnsmasq/dnsmasq.SlackBuild
+++ b/source/n/dnsmasq/dnsmasq.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=dnsmasq
 VERSION=${VERSION:-$(echo dnsmasq-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-dnsmasq
 
@@ -55,7 +64,9 @@ find . \
 
 zcat $CWD/dnsmasq.leasedir.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1
 
-# Default CFLAGS are "-W -Wall -O2" - that's good enough.
+# Use libidn2:
+zcat $CWD/dnsmasq.libidn2.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1
+
 make $NUMJOBS all-i18n PREFIX=/usr MANDIR=/usr/man || exit 1
 make install-i18n PREFIX=/usr DESTDIR=$PKG MANDIR=/usr/man || exit 1
 chmod 0755 $PKG/usr/sbin/dnsmasq
diff --git a/source/n/dnsmasq/dnsmasq.libidn2.diff b/source/n/dnsmasq/dnsmasq.libidn2.diff
new file mode 100644
index 000000000..d99e556bc
--- /dev/null
+++ b/source/n/dnsmasq/dnsmasq.libidn2.diff
@@ -0,0 +1,13 @@
+--- ./Makefile.orig	2017-05-22 16:58:46.000000000 -0500
++++ ./Makefile	2017-07-07 13:28:14.124402827 -0500
+@@ -24,8 +24,8 @@
+ LOCALEDIR     = $(PREFIX)/share/locale
+ BUILDDIR      = $(SRC)
+ DESTDIR       = 
+-CFLAGS        = -Wall -W -O2
+-LDFLAGS       = 
++CFLAGS        = -Wall -W -O2 -DHAVE_LIBIDN2
++LDFLAGS       = -lidn2
+ COPTS         = 
+ RPM_OPT_FLAGS = 
+ LIBS          = 
diff --git a/source/n/dnsmasq/slack-desc b/source/n/dnsmasq/slack-desc
index 0a0c5770f..be34433f5 100644
--- a/source/n/dnsmasq/slack-desc
+++ b/source/n/dnsmasq/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 dnsmasq: dnsmasq (small DNS and DHCP server)
 dnsmasq:
 dnsmasq: Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP
-dnsmasq: server.  It is designed to provide DNS (and optionally DHCP) to a
+dnsmasq: server. It is designed to provide DNS (and optionally DHCP) to a
 dnsmasq: small network, and can serve the names of local machines which are not
 dnsmasq: in the global DNS. 
 dnsmasq:
 dnsmasq: Dnsmasq was written by Simon Kelley.
 dnsmasq:
-dnsmasq:
+dnsmasq: Homepage: http://www.thekelleys.org.uk/dnsmasq/
 dnsmasq:
diff --git a/source/n/dovecot/doinst.sh b/source/n/dovecot/doinst.sh
new file mode 100644
index 000000000..dc2d5700b
--- /dev/null
+++ b/source/n/dovecot/doinst.sh
@@ -0,0 +1,45 @@
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  if [ -e $OLD ]; then
+    cp -a $OLD ${NEW}.incoming
+    cat $NEW > ${NEW}.incoming
+    mv ${NEW}.incoming $NEW
+  fi
+  config $NEW
+}
+
+preserve_perms etc/rc.d/rc.dovecot.new
+
+for file in etc/dovecot/*.conf.new etc/dovecot/*.ext.new etc/dovecot/conf.d/*.conf.new etc/dovecot/conf.d/*.ext.new ; do
+  config $file
+done
+
+# Make sure that the dovecot user/group (UID 94, GID 94), and the
+# postdrop user/group (UID 65, GID 95) exist on this system:
+if ! grep -q "^dovecot:" etc/passwd ; then
+  echo "dovecot:x:94:94:User for Dovecot processes:/dev/null:/bin/false" >> etc/passwd
+fi
+if ! grep -q "^dovenull:" etc/passwd ; then
+  echo "dovenull:x:95:95:User for Dovecot login processing:/dev/null:/bin/false" >> etc/passwd
+fi
+if ! grep -q "^dovecot:" etc/group ; then
+  echo "dovecot:x:94:" >> etc/group
+fi
+if ! grep -q "^dovenull:" etc/group ; then
+  echo "dovenull:x:95:" >> etc/group
+fi
+
diff --git a/source/n/dovecot/dovecot.SlackBuild b/source/n/dovecot/dovecot.SlackBuild
new file mode 100755
index 000000000..4a9a3572a
--- /dev/null
+++ b/source/n/dovecot/dovecot.SlackBuild
@@ -0,0 +1,188 @@
+#!/bin/bash
+
+# Copyright 2006, 2010  Alan Hicks, Lizella, GA
+# Copyright 2013, 2014, 2015, 2016, 2017  Mario Preksavec, Zagreb, Croatia
+# Copyright 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=dovecot
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-4}
+
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) ARCH=i586 ;;
+    arm*) ARCH=arm ;;
+       *) ARCH=$( uname -m ) ;;
+  esac
+fi
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+  LIBDIRSUFFIX="64"
+elif [ "$ARCH" = "armv7hl" ]; then
+  SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
+  LIBDIRSUFFIX=""
+else
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
+fi
+
+if [ "$(grep "^dovecot:x:94:94" /etc/passwd)" = "" -o \
+     "$(grep "^dovecot:x:94:" /etc/group)" = "" -o \
+     "$(grep "^dovenull:x:95:95" /etc/passwd)" = "" -o \
+     "$(grep "^dovenull:x:95:" /etc/group)" = "" ]; then
+cat << EOF
+The dovecot and dovenull user/group do not exist on this system.
+Before running this script, please add them with the following commands:
+
+groupadd -g 94 dovecot
+useradd -d /dev/null -s /bin/false -u 94 -g 94 dovecot
+groupadd -g 95 dovenull
+useradd -d /dev/null -s /bin/false -u 95 -g 95 dovenull
+
+EOF
+exit 1
+fi
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PKGNAM-ce-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
+cd $PKGNAM-$VERSION || exit 1
+
+# Ship config set up for authentication from /etc/passwd and /etc/shadow.
+zcat $CWD/dovecot.default.shadow.auth.diff.gz | patch -p1 --verbose || exit 1
+
+# Since this package installs working config files in /etc/dovecot, there isn't
+# any need to send people to /usr/doc. Also, make sure that TLS is recommended.
+zcat $CWD/dovecot.config.README.diff.gz | patch -p1 --verbose || exit 1
+
+chown -R root:root .
+find -L . \
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+  -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+# Add -ldl to LDFLAGS for sqlite
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+LDFLAGS="-ldl" \
+./configure \
+  --prefix=/usr \
+  --sysconfdir=/etc \
+  --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --localstatedir=/var \
+  --docdir=/usr/doc/$PKGNAM-$VERSION \
+  --mandir=/usr/man \
+  --with-notify=inotify \
+  --without-pam \
+  --with-ldap=plugin \
+  --with-lucene \
+  --with-mysql \
+  --with-sqlite \
+  --with-libcap \
+  --disable-static \
+  --build=$ARCH-slackware-linux || exit 1
+
+make $NUMJOBS || make -j1 || exit 1
+make install-strip DESTDIR=$PKG || exit 1
+
+# Install sample configuration files:
+mkdir -p $PKG/etc/dovecot
+cp -a $PKG/usr/doc/$PKGNAM-$VERSION/example-config/* $PKG/etc/dovecot
+( cd $PKG/etc/dovecot
+  for file in *.conf *.ext conf.d/*.conf conf.d/*.ext ; do
+    mv $file ${file}.new
+  done
+)
+
+mkdir -p $PKG/etc/rc.d
+cat $CWD/rc.dovecot > $PKG/etc/rc.d/rc.dovecot.new
+chmod 0644 $PKG/etc/rc.d/rc.dovecot.new
+
+# Compress and link manpages, if any:
+if [ -d $PKG/usr/man ]; then
+  ( cd $PKG/usr/man
+    for manpagedir in $(find . -type d -name "man*") ; do
+      ( cd $manpagedir
+        for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do
+          ln -s $( readlink $eachpage ).gz $eachpage.gz
+          rm $eachpage
+        done
+        gzip -9 *.?
+      )
+    done
+  )
+fi
+
+cp -a \
+  AUTHORS COPYING* ChangeLog NEWS README TODO \
+  $PKG/usr/doc/$PKGNAM-$VERSION/
+
+# If there's a ChangeLog, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r ChangeLog ]; then
+  DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
+  cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
+  touch -r ChangeLog $DOCSDIR/ChangeLog
+fi
+
+# If there's a NEWS file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r NEWS ]; then
+  DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
+  cat NEWS | head -n 1000 > $DOCSDIR/NEWS
+  touch -r NEWS $DOCSDIR/NEWS
+fi
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
diff --git a/source/n/dovecot/dovecot.config.README.diff b/source/n/dovecot/dovecot.config.README.diff
new file mode 100644
index 000000000..3ba80fb1d
--- /dev/null
+++ b/source/n/dovecot/dovecot.config.README.diff
@@ -0,0 +1,20 @@
+--- ./doc/example-config/README.in.orig	2017-06-23 06:18:28.000000000 -0500
++++ ./doc/example-config/README.in	2017-11-14 19:04:46.621109623 -0600
+@@ -1,2 +1,15 @@
+-Configuration files go to this directory. See example configuration files in
+-@exampledir@/
++Configuration files go to this directory.
++
++The configuration files that are provided here should work out of the box on
++Slackware once you've installed security certificates to support SSL/TLS.
++
++See the config file beneath this directory:  conf.d/10-ssl.conf
++
++For a script that will install self-signed certificates, see mkcert.sh in
++/usr/doc/dovecot-2.*
++
++It is also recommended to edit conf.d/10-auth.conf and uncomment this line:
++#disable_plaintext_auth = yes
++
++This will prevent usernames and passwords from being sent until a secure
++connection has been established.
diff --git a/source/n/dovecot/dovecot.default.shadow.auth.diff b/source/n/dovecot/dovecot.default.shadow.auth.diff
new file mode 100644
index 000000000..e0d8de058
--- /dev/null
+++ b/source/n/dovecot/dovecot.default.shadow.auth.diff
@@ -0,0 +1,40 @@
+--- ./doc/example-config/conf.d/auth-system.conf.ext.orig	2017-12-22 07:53:36.000000000 -0600
++++ ./doc/example-config/conf.d/auth-system.conf.ext	2018-01-31 17:05:06.840878097 -0600
+@@ -7,12 +7,12 @@
+ # PAM is typically used with either userdb passwd or userdb static.
+ # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
+ # authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
+-passdb {
+-  driver = pam
++#passdb {
++  #driver = pam
+   # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
+   # [cache_key=<key>] [<service name>]
+   #args = dovecot
+-}
++#}
+ 
+ # System users (NSS, /etc/passwd, or similar).
+ # In many systems nowadays this uses Name Service Switch, which is
+@@ -24,13 +24,17 @@
+ #}
+ 
+ # Shadow passwords for system users (NSS, /etc/shadow or similar).
+-# Deprecated by PAM nowadays.
++# This is the default on Slackware systems.
+ # <doc/wiki/PasswordDatabase.Shadow.txt>
+-#passdb {
+-  #driver = shadow
++passdb {
++  driver = shadow
+   # [blocking=no]
+   #args = 
+-#}
++}
++# Auth worker to authenticate shadow passwords on Slackware:
++service auth-worker {
++  group = shadow
++}
+ 
+ # PAM-like authentication for OpenBSD.
+ # <doc/wiki/PasswordDatabase.BSDAuth.txt>
diff --git a/source/n/dovecot/dovecot.url b/source/n/dovecot/dovecot.url
new file mode 100644
index 000000000..20b1beffe
--- /dev/null
+++ b/source/n/dovecot/dovecot.url
@@ -0,0 +1 @@
+http://www.dovecot.org/releases/
diff --git a/source/n/dovecot/rc.dovecot b/source/n/dovecot/rc.dovecot
new file mode 100644
index 000000000..c79b96e77
--- /dev/null
+++ b/source/n/dovecot/rc.dovecot
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+dovecot_start()
+{
+  echo "Starting dovecot:  /usr/sbin/dovecot"
+  /usr/sbin/dovecot
+}
+
+dovecot_stop()
+{
+  echo "Stopping dovecot..."
+  /usr/bin/doveadm stop
+}
+
+dovecot_status()
+{
+  /usr/bin/doveadm service status
+}
+
+dovecot_reload()
+{
+  echo "Reloading dovecot..."
+  /usr/bin/doveadm reload
+}
+
+case $1 in
+'start')
+  dovecot_start
+  ;;
+'stop')
+  dovecot_stop
+  ;;
+'status')
+  dovecot_status
+  ;;
+'restart')
+  dovecot_stop
+  sleep 3
+  dovecot_start
+  ;;
+'reload')
+  dovecot_reload
+  ;;
+*)
+  echo "usage $0 start|stop|restart|reload|status"
+esac
diff --git a/source/n/dovecot/slack-desc b/source/n/dovecot/slack-desc
new file mode 100644
index 000000000..3fc6c58b5
--- /dev/null
+++ b/source/n/dovecot/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+       |-----handy-ruler------------------------------------------------------|
+dovecot: dovecot (IMAP and POP3 server)
+dovecot:
+dovecot: Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like
+dovecot: systems, written with security foremost in mind.
+dovecot:
+dovecot: Dovecot can work with standard mbox and Maildir formats and it is
+dovecot: fully compatible with UW-IMAP and Courier IMAP servers'
+dovecot: implementation of them, as well as mail clients accessing the
+dovecot: mailboxes directly.
+dovecot:
+dovecot:
diff --git a/source/n/ebtables/ebtables.SlackBuild b/source/n/ebtables/ebtables.SlackBuild
index 056ad4296..8f1b03025 100755
--- a/source/n/ebtables/ebtables.SlackBuild
+++ b/source/n/ebtables/ebtables.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for ebtables
 
@@ -22,24 +22,33 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=ebtables
 VERSION=${VERSION:-2.0.10}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) ARCH=i486 ;;
+    i?86) ARCH=i586 ;;
     arm*) ARCH=arm ;;
        *) ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/ebtables/slack-desc b/source/n/ebtables/slack-desc
index 11a036a0e..5b22a3680 100644
--- a/source/n/ebtables/slack-desc
+++ b/source/n/ebtables/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
         |-----handy-ruler------------------------------------------------------|
 ebtables: ebtables (Ethernet frame filtering on a Linux bridge)
 ebtables:
 ebtables: The ebtables utility enables basic Ethernet frame filtering on a
-ebtables: Linux bridge, logging, MAC NAT and brouting.  It only provides basic
+ebtables: Linux bridge, logging, MAC NAT and brouting. It only provides basic
 ebtables: IP filtering, the full-fledged IP filtering on a Linux bridge is
 ebtables: done with iptables.
 ebtables:
diff --git a/source/n/elm/elm.SlackBuild b/source/n/elm/elm.SlackBuild
index 6ce92b466..f40b0fa4c 100755
--- a/source/n/elm/elm.SlackBuild
+++ b/source/n/elm/elm.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,26 +20,36 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=elm
 VERSION=2.5.8
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-5}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "x86_64" ]; then
   LIBDIRSUFFIX="64"
 else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-elm
 
diff --git a/source/n/elm/slack-desc b/source/n/elm/slack-desc
index 042e7bd67..1e5a9798b 100644
--- a/source/n/elm/slack-desc
+++ b/source/n/elm/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/epic5/epic5.SlackBuild b/source/n/epic5/epic5.SlackBuild
index 362658417..bfdd391d3 100755
--- a/source/n/epic5/epic5.SlackBuild
+++ b/source/n/epic5/epic5.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,11 +20,13 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=epic5
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 EPICVER=5
 HELPFILE=current
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-5}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "epic${EPICVER}-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -52,7 +62,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-epic${EPICVER}
 
@@ -69,11 +78,14 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+# Support OpenSSL 1.1.x:
+zcat $CWD/openssl-1.1.patch.gz | patch -p1 --verbose || exit 1
+
 CFLAGS="$SLKCFLAGS" \
 ./configure \
   --prefix=/usr \
   --with-tcl=/usr/lib${LIBDIRSUFFIX}/tclConfig.sh \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install IP=$PKG || exit 1
diff --git a/source/n/epic5/openssl-1.1.patch b/source/n/epic5/openssl-1.1.patch
new file mode 100644
index 000000000..254035e6d
--- /dev/null
+++ b/source/n/epic5/openssl-1.1.patch
@@ -0,0 +1,77 @@
+Index: epic5-2.0/source/crypto.c
+===================================================================
+--- epic5-2.0.orig/source/crypto.c
++++ epic5-2.0/source/crypto.c
+@@ -282,9 +282,9 @@ static char *	decipher_evp (const unsign
+ 	unsigned char	*iv = NULL;
+ 	unsigned long errcode;
+ 	int	outlen2;
+-        EVP_CIPHER_CTX a;
+-        EVP_CIPHER_CTX_init(&a);
+-	EVP_CIPHER_CTX_set_padding(&a, 0);
++	EVP_CIPHER_CTX *a = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(a);
++	EVP_CIPHER_CTX_set_padding(a, 0);
+ 
+ 	if (ivsize > 0)
+ 		iv = new_malloc(ivsize);
+@@ -292,18 +292,19 @@ static char *	decipher_evp (const unsign
+ 	if (ivsize > 0)
+ 		memcpy(iv, ciphertext, ivsize);
+ 
+-        EVP_DecryptInit_ex(&a, type, NULL, NULL, iv);
+-	EVP_CIPHER_CTX_set_key_length(&a, passwdlen);
+-	EVP_CIPHER_CTX_set_padding(&a, 0);
+-        EVP_DecryptInit_ex(&a, NULL, NULL, passwd, NULL);
++	EVP_DecryptInit_ex(a, type, NULL, NULL, iv);
++	EVP_CIPHER_CTX_set_key_length(a, passwdlen);
++	EVP_CIPHER_CTX_set_padding(a, 0);
++	EVP_DecryptInit_ex(a, NULL, NULL, passwd, NULL);
+ 
+-        if (EVP_DecryptUpdate(&a, outbuf, outlen, ciphertext, cipherlen) != 1)
++	if (EVP_DecryptUpdate(a, outbuf, outlen, ciphertext, cipherlen) != 1)
+ 		yell("EVP_DecryptUpdate died.");
+-	if (EVP_DecryptFinal_ex(&a, outbuf + (*outlen), &outlen2) != 1)
++	if (EVP_DecryptFinal_ex(a, outbuf + (*outlen), &outlen2) != 1)
+ 		yell("EVP_DecryptFinal_Ex died.");
+ 	*outlen += outlen2;
+ 
+-        EVP_CIPHER_CTX_cleanup(&a);
++	EVP_CIPHER_CTX_cleanup(a);
++	EVP_CIPHER_CTX_free(a);
+ 
+ 	ERR_load_crypto_strings();
+ 	while ((errcode = ERR_get_error()))
+@@ -454,9 +455,9 @@ static char *	cipher_evp (const unsigned
+ 	unsigned long errcode;
+ 	u_32int_t	randomval;
+ 	int		iv_count;
+-        EVP_CIPHER_CTX a;
+-        EVP_CIPHER_CTX_init(&a);
+-	EVP_CIPHER_CTX_set_padding(&a, 0);
++	EVP_CIPHER_CTX *a = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(a);
++	EVP_CIPHER_CTX_set_padding(a, 0);
+ 
+ 	if (ivsize < 0)
+ 		ivsize = 0;		/* Shenanigans! */
+@@ -480,12 +481,13 @@ static char *	cipher_evp (const unsigned
+ 	if (iv)
+ 		memcpy(outbuf, iv, ivsize);
+ 
+-        EVP_EncryptInit_ex(&a, type, NULL, NULL, iv);
+-	EVP_CIPHER_CTX_set_key_length(&a, passwdlen);
+-        EVP_EncryptInit_ex(&a, NULL, NULL, passwd, NULL);
+-        EVP_EncryptUpdate(&a, outbuf + ivsize, &outlen, plaintext, plaintextlen);
+-	EVP_EncryptFinal_ex(&a, outbuf + ivsize + outlen, &extralen);
+-        EVP_CIPHER_CTX_cleanup(&a);
++	EVP_EncryptInit_ex(a, type, NULL, NULL, iv);
++	EVP_CIPHER_CTX_set_key_length(a, passwdlen);
++	EVP_EncryptInit_ex(a, NULL, NULL, passwd, NULL);
++	EVP_EncryptUpdate(a, outbuf + ivsize, &outlen, plaintext, plaintextlen);
++	EVP_EncryptFinal_ex(a, outbuf + ivsize + outlen, &extralen);
++	EVP_CIPHER_CTX_cleanup(a);
++	EVP_CIPHER_CTX_free(a);
+ 	outlen += extralen;
+ 
+ 	ERR_load_crypto_strings();
diff --git a/source/n/epic5/slack-desc b/source/n/epic5/slack-desc
index 43cb81a36..35cb3af6f 100644
--- a/source/n/epic5/slack-desc
+++ b/source/n/epic5/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
@@ -10,9 +10,9 @@ epic5: epic5 (Internet Relay Chat client)
 epic5:
 epic5: EPIC is the (E)nhanced (P)rogrammable (I)RC-II (C)lient.
 epic5:
-epic5: The EPIC home page is:        http://www.epicsol.org/
-epic5: The EPIC main ftp site is:    ftp://ftp.epicsol.org/
-epic5: The EPIC IRC channel is:      #epic on EFNet
+epic5: The EPIC home page is:       http://www.epicsol.org/
+epic5: The EPIC main ftp site is:   ftp://ftp.epicsol.org/
+epic5: The EPIC IRC channel is:     #epic on EFNet
 epic5:
 epic5:
 epic5:
diff --git a/source/n/ethtool/ethtool-4.16.tar.sign b/source/n/ethtool/ethtool-4.16.tar.sign
new file mode 100644
index 000000000..26ccc2e74
--- /dev/null
+++ b/source/n/ethtool/ethtool-4.16.tar.sign
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJa0O8NAAoJEJctW/TcYTgGbZMP/RzqGYtjqHTtFT9xHwxhZZsB
+z5olfHd+cBv/cvZn1394ws/hCuXqaurHNffa7m83ksyjitl4k4ShHQIv5L/2nlJ2
+bZiN9qWGyL0UnCIJSCB7Wa0IKEw1gKVY92FkybT+A1gWdxjDyB7g9FPNPbl4cmkj
+kdK3ed0Z5OMwYabsuVqa4GCAY9V4lZMUZW9jCO4ZP4lbsD2zebnFSm5Y3ZTpNTUW
+0TIxmBjCjNkmVehrlhGi4Q626Wgy9vCzewLJKFksu1tvtl3vAAQ36+GbfQMWSFX7
+f7DiWifni8FYbqxvcabFcPLMtko1NGd15M5se5P4CD5LHH3/ez91Dz/3z3/v6JEX
+UdvG8WNUghGcxr/jsc0t5Tk5P5TZUC8o/esZ8fpK3thYU8PRSsHTnHKrjo4KFNjc
+gqkNtWXo8T3dm6sDE9efIBS43BkBTpeyXebqJ4BhpL3M4dbjLvK+NV0KrQO0p7x/
+157ukkrz89dfht0wHDEYOSke85MEXnKWXTdUbBFdoq9ia8u9jcp2ckbWWHZ0R7qr
+UA6oNs/E8Pfm2NvpPJsTEDdVd+lz2DfXQDT/Av2+OTvmNRkmHcjGV+hOUzGn/iBU
+VsEKEyDgCdxjqTY2lcnE2+6Wavym7NL0qWiLStMibQXe5xDPQsl0mcD0G0+UHYA5
+Am0BP59qR4Fu5MtlCeQG
+=/Fme
+-----END PGP SIGNATURE-----
diff --git a/source/n/ethtool/ethtool-4.5.tar.sign b/source/n/ethtool/ethtool-4.5.tar.sign
deleted file mode 100644
index 75a72f307..000000000
--- a/source/n/ethtool/ethtool-4.5.tar.sign
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIVAwUAVuYakOe/yOyVhhEJAQqVIg//R9TIh1/lWBbC6qwJkEHMqmle/wx+Oinz
-OrIf1bRsMMj6lKiIulAGo7sYkol6egw2NRHrOupPxjkX8WhEGCe1HmrTq5Fkink9
-g30rZUw3rnadnBoi2ZDkZ7apfpCj9pRJBKGuzoQNoAjkSmhnqFlPpINFULsAGZQI
-6iE6iWz7eqPrnTml57GY28ZJDyLPvaCE/BXWzZZjDHRfGwAUjAHsqdoAqDfzqOzW
-ymPm4GCDjJGEugQ5l8Dvo6vp4uqwrBjXeDU7kCSDb6d/GLrNfGvCUg0e4K4mU79j
-JwEFP3fImsCgQ1chkcdFA8SRRtHOJsyOm8diNrUhufHNe3Kjt5BvJraFE9anmZgT
-Urmn4yeupkEixcQOHq9vN38Nz2Qscz9LOOWC1txQ8IytTjBOsWbMPD3ktF2kZ+xd
-jtM8r7UykNciVrf+r0qtGfmWkoLUGKdzrR5oEzmrGVFL9v3Gd4HrAFfYbUA3AlVX
-KUQl6wJXEtS+wC3onRCg9Ksb91/wAdNROBM2yXMnj3z4xS7nap9E+JEIH6jOa9ol
-f4RS4cLGAtf8E+vZMiFcrH0fkvlQTdcVc4z2xBm4BsDZYSzpXLIYtlaVS4/qO9yQ
-cdMTBKxl3nA4IfQT0VMUsB6fH32auOkTG8NEBP75ypLremn+vG8Ws+cdUy0Hy6bV
-Pa3PalUpQgM=
-=O3ii
------END PGP SIGNATURE-----
diff --git a/source/n/ethtool/ethtool.SlackBuild b/source/n/ethtool/ethtool.SlackBuild
index 6e6f89883..16e35f4c4 100755
--- a/source/n/ethtool/ethtool.SlackBuild
+++ b/source/n/ethtool/ethtool.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2011  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2011, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,6 +20,7 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=ethtool
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
@@ -35,7 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-ethtool
 
@@ -65,10 +73,10 @@ CFLAGS="$SLKCFLAGS" \
 ./configure \
   --prefix=/usr \
   --mandir=/usr/man \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
 
 strip --strip-unneeded $PKG/usr/sbin/ethtool
 gzip -9 $PKG/usr/man/man8/ethtool.8
diff --git a/source/n/ethtool/ethtool.url b/source/n/ethtool/ethtool.url
new file mode 100644
index 000000000..338de8898
--- /dev/null
+++ b/source/n/ethtool/ethtool.url
@@ -0,0 +1 @@
+https://www.kernel.org/pub/software/network/ethtool/
diff --git a/source/n/ethtool/slack-desc b/source/n/ethtool/slack-desc
index 92a7c7dac..b9c37e737 100644
--- a/source/n/ethtool/slack-desc
+++ b/source/n/ethtool/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 ethtool: ethtool (a tool for examining and tuning a network interface)
 ethtool:
 ethtool: ethtool is a small utility for examining and tuning your Ethernet
-ethtool: based network interface.  For more details, see "man ethtool".
+ethtool: based network interface. For more details, see "man ethtool".
 ethtool:
 ethtool: ethtool was written by David Miller, with help from Jakub Jelinek,
 ethtool: Jeff Garzik, Tim Hockin, Eli Kupermann, Chris Leech, Scott Feldman,
diff --git a/source/n/fetchmail/fetchmail.SlackBuild b/source/n/fetchmail/fetchmail.SlackBuild
index 14c867daa..37944c341 100755
--- a/source/n/fetchmail/fetchmail.SlackBuild
+++ b/source/n/fetchmail/fetchmail.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=fetchmail
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
@@ -46,7 +56,6 @@ fi
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-fetchmail
 
diff --git a/source/n/fetchmail/slack-desc b/source/n/fetchmail/slack-desc
index 7be0c1e4b..3a09b1f44 100644
--- a/source/n/fetchmail/slack-desc
+++ b/source/n/fetchmail/slack-desc
@@ -1,18 +1,18 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
 fetchmail: fetchmail (mail retrieval and forwarding utility)
 fetchmail:
-fetchmail: fetchmail is a mail retrieval and forwarding utility.  It fetches
+fetchmail: fetchmail is a mail retrieval and forwarding utility. It fetches
 fetchmail: mail from a POP, IMAP, or ETRN-capable remote mailserver and forwards
-fetchmail: it to your local (client) machine's delivery system.  You can then
+fetchmail: it to your local (client) machine's delivery system. You can then
 fetchmail: handle the retrieved mail using normal mail user agents such as elm,
-fetchmail: pine, or mutt.  The fetchmail utility can be run in a daemon mode to
+fetchmail: pine, or mutt. The fetchmail utility can be run in a daemon mode to
 fetchmail: repeatedly poll one or more systems at a specified interval.
 fetchmail:
 fetchmail: fetchmail is probably not secure.
diff --git a/source/n/getmail/getmail.SlackBuild b/source/n/getmail/getmail.SlackBuild
index 5a550bce6..4f2ec8c8d 100755
--- a/source/n/getmail/getmail.SlackBuild
+++ b/source/n/getmail/getmail.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,20 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-VERSION=${VERSION:-$(echo getmail-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=getmail
+VERSION=${VERSION:-$(echo getmail-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-getmail
 rm -rf $PKG
@@ -41,11 +51,15 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf getmail-$VERSION
-tar xvf $CWD/getmail-$VERSION.tar.gz || exit 1
+tar xvf $CWD/getmail-$VERSION.tar.?z || exit 1
 chown -R root:root getmail-$VERSION
-cd getmail-$VERSION
-python setup.py build
-python setup.py install --root=$PKG
+cd getmail-$VERSION || exit 1
+
+# Fix shebang in a couple files
+sed -i -e "s|#![ ]*/usr/bin/env python2.3|#!/usr/bin/env python2|" $(find . -name '*.py')
+
+python setup.py build || exit 1
+python setup.py install --root=$PKG || exit 1
 
 ( cd $PKG/usr/share
   mv man ..
diff --git a/source/n/getmail/getmail.url b/source/n/getmail/getmail.url
new file mode 100644
index 000000000..0cfbf0ed4
--- /dev/null
+++ b/source/n/getmail/getmail.url
@@ -0,0 +1 @@
+http://pyropus.ca/software/getmail
diff --git a/source/n/getmail/slack-desc b/source/n/getmail/slack-desc
index 6c91db1cc..5fa340025 100644
--- a/source/n/getmail/slack-desc
+++ b/source/n/getmail/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 getmail: getmail (POP3 mail retriever)
 getmail:
 getmail: getmail is a POP3 mail retriever, with support for both ordinary and
-getmail: domain (or multidrop) POP3 mailboxes.  It is written in Python, and
+getmail: domain (or multidrop) POP3 mailboxes. It is written in Python, and
 getmail: licensed under the GNU General Public License version 2.
 getmail:
 getmail: getmail was written by Charles Cazabon.
diff --git a/source/n/gnupg/gnupg.SlackBuild b/source/n/gnupg/gnupg.SlackBuild
index de2228adc..5de0ee6cf 100755
--- a/source/n/gnupg/gnupg.SlackBuild
+++ b/source/n/gnupg/gnupg.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2013, 2015, 2016  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2015, 2016, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=gnupg
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,9 +36,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-gnupg
 
@@ -107,9 +116,3 @@ cat $CWD/slack-desc.gnupg > $PKG/install/slack-desc
 # Build the package:
 cd $PKG
 /sbin/makepkg -l y -c n $TMP/gnupg-$VERSION-$ARCH-$BUILD.txz
-
-# Clean up the extra stuff:
-if [ "$1" = "--cleanup" ]; then
-  rm -rf $TMP/gnupg-$VERSION
-  rm -rf $PKG
-fi
diff --git a/source/n/gnupg/slack-desc.gnupg b/source/n/gnupg/slack-desc.gnupg
index 496005e9b..22a25a7cd 100644
--- a/source/n/gnupg/slack-desc.gnupg
+++ b/source/n/gnupg/slack-desc.gnupg
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 gnupg: gnupg (The GNU Privacy Guard)
 gnupg:
-gnupg: GnuPG is GNU's tool for secure communication and data storage.  It can
-gnupg: be used to encrypt data and to create digital signatures.  It includes
+gnupg: GnuPG is GNU's tool for secure communication and data storage. It can
+gnupg: be used to encrypt data and to create digital signatures. It includes
 gnupg: an advanced key management facility and is compliant with the proposed
 gnupg: OpenPGP Internet standard as described in RFC2440.
 gnupg:
diff --git a/source/n/gnupg2/gnupg2.SlackBuild b/source/n/gnupg2/gnupg2.SlackBuild
index 0f41877c3..fbb43c7b1 100755
--- a/source/n/gnupg2/gnupg2.SlackBuild
+++ b/source/n/gnupg2/gnupg2.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006-2010  Robby Workman, Northport, AL, USA
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,9 +21,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=gnupg2
-VERSION=${VERSION:-$(echo gnupg-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo gnupg-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -38,9 +39,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
-PKG=$TMP/package-gnupg
+PKG=$TMP/package-gnupg2
 
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
@@ -61,8 +69,8 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf gnupg-$VERSION
-tar xvf $CWD/gnupg-$VERSION.tar.?z* || exit 1
-cd gnupg-$VERSION
+tar xvf $CWD/gnupg-$VERSION.tar.?z || exit 1
+cd gnupg-$VERSION || exit 1
 
 chown -R root:root .
 find . \
@@ -82,7 +90,8 @@ CXXFLAGS="$SLKCFLAGS" \
   --docdir=/usr/doc/gnupg2-$VERSION \
   --program-prefix="" \
   --program-suffix="" \
-  --build=$ARCH-slackware-linux
+  --enable-gpg-is-gpg2 \
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
@@ -115,37 +124,6 @@ mkdir -p $PKG/usr/doc/gnupg2-$VERSION
 cp -a \
   AUTHORS COPYING* INSTALL NEWS README* THANKS TODO VERSION \
   $PKG/usr/doc/gnupg2-$VERSION
-# Build html docs
-( cd doc
-  make gnupg.html
-  mv gnupg.html $PKG/usr/doc/gnupg2-$VERSION/html
-)
-# Fix some filenames in the html directory
-( cd $PKG/usr/doc/gnupg2-$VERSION/html
-mv how_002dto_002dspecify_002da_002duser_002did.html howto_specify_user_id.html
-mv GnuPG_002d1-and-GnuPG_002d2.html GnuPG_1-and-GnuPG_2.html
-mv gpg_002dpreset_002dpassphrase.html gpg_preset_passphrase.html
-mv gpgsm_002dgencert_002esh.html gpgsm_gencert_sh.html
-mv Invoking-gpg_002dpreset_002dpassphrase.html Invoking-gpg_preset_passphrase.html
-mv Invoking-gpg_002dconnect_002dagent.html Invoking-gpg_connect_agent.html
-mv gpg_002dconnect_002dagent.html gpg_connect_agent.html
-mv Agent-GET_005fCONFIRMATION.html Agent-GET_CONFIRMATION.html
-mv option-_002d_002denable_002dssh_002dsupport.html option-enable_ssh_support.html
-mv option-_002d_002doptions.html option-options.html
-mv Invoking-GPG_002dAGENT.html Invoking-GPG_AGENT.html
-mv gpg_002dzip.html gpg_zip.html
-mv option-_002d_002dp12_002dcharset.html option-p12_charset.html
-mv option-_002d_002dallow_002dmark_002dtrusted.html option-allow_mark_trusted.html
-mv Controlling-gpg_002dconnect_002dagent.html Controlling-gpg_connect_agent.html
-mv Agent-GET_005fPASSPHRASE.html Agent-GET_PASSPHRASE.html
-mv option-_002d_002dhomedir.html option-homedir.html
-mv PKCS_002315-Card.html PKCS-15-Card.html
-mv option-_002d_002dexport_002downertrust.html option-export_ownertrust.html
-mv option-_002d_002dlog_002dfile.html option-logfile.html
-mv option-watchgnupg-_002d_002dtcp.html option-watchgnupg-tcp.html
-)
-# Move html doc to the proper location
-mv $PKG/usr/doc/gnupg2-$VERSION/faq.html $PKG/usr/doc/gnupg2-$VERSION/html/
 
 # If there's a ChangeLog, installing at least part of the recent history
 # is useful, but don't let it get totally out of control:
diff --git a/source/n/gnupg2/slack-desc b/source/n/gnupg2/slack-desc
index c64d7fb67..015fbbba3 100644
--- a/source/n/gnupg2/slack-desc
+++ b/source/n/gnupg2/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
 gnupg2: GnuPG2 (The GNU Privacy Guard version 2.x)
 gnupg2:
-gnupg2: GnuPG is GNU's tool for secure communication and data storage.  It can
-gnupg2: be used to encrypt data and to create digital signatures.  It includes
+gnupg2: GnuPG is GNU's tool for secure communication and data storage. It can
+gnupg2: be used to encrypt data and to create digital signatures. It includes
 gnupg2: an advanced key management facility and is compliant with the proposed
 gnupg2: OpenPGP Internet standard as described in RFC2440 and the S/MIME
 gnupg2: standard as described by several RFCs.
 gnupg2:
 gnupg2: GnuPG 2.0 is the stable version of GnuPG integrating support for
-gnupg2: OpenPGP and S/MIME.  It does not conflict with an installed 1.4.x
+gnupg2: OpenPGP and S/MIME. It does not conflict with an installed 1.4.x
 gnupg2: OpenPGP-only version.
diff --git a/source/n/gnutls/gnutls.SlackBuild b/source/n/gnutls/gnutls.SlackBuild
index 9b1a00b1c..71a5d5409 100755
--- a/source/n/gnutls/gnutls.SlackBuild
+++ b/source/n/gnutls/gnutls.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007, 2008, 2009, 2010, 2016  Patrick Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2016, 2017, 2018  Patrick Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=gnutls
 VERSION=${VERSION:-$(echo gnutls-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -51,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 rm -rf $PKG
@@ -79,19 +87,26 @@ CXXFLAGS="$SLKCFLAGS" \
   --localstatedir=/var \
   --infodir=/usr/info \
   --mandir=/usr/man \
+  --docdir=/usr/doc/$PKGNAM-$VERSION \
   --enable-static=no \
   --disable-rpath \
   --with-included-libtasn1 \
   --enable-openssl-compatibility \
   --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --host=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
+# Remove any zero length man pages:
+find $PKG/usr/man/ -type f -empty -delete
+
 # Compress and link manpages, if any:
 if [ -d $PKG/usr/man ]; then
   ( cd $PKG/usr/man
@@ -114,9 +129,13 @@ fi
 
 mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
 cp -a \
-  AUTHORS COPYING* INSTALL NEWS README* THANKS \
+  AUTHORS COPYING* INSTALL LICENSE NEWS README* THANKS \
+  doc/COPYING* \
   $PKG/usr/doc/$PKGNAM-$VERSION
 
+# These PNG images are already present in /usr/info.
+rm -f $PKG/usr/doc/$PKGNAM-$VERSION/*.png
+
 # If there's a ChangeLog, installing at least part of the recent history
 # is useful, but don't let it get totally out of control:
 if [ -r ChangeLog ]; then
@@ -125,6 +144,13 @@ if [ -r ChangeLog ]; then
   touch -r ChangeLog $DOCSDIR/ChangeLog
 fi
 
+# Likewise for the bloated NEWS:
+if [ -r NEWS ]; then
+  DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
+  cat NEWS | head -n 1000 > $DOCSDIR/NEWS
+  touch -r NEWS $DOCSDIR/NEWS
+fi
+
 mkdir -p $PKG/install
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
diff --git a/source/n/gnutls/slack-desc b/source/n/gnutls/slack-desc
index 49fdb9f0c..83b514292 100644
--- a/source/n/gnutls/slack-desc
+++ b/source/n/gnutls/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
 gnutls: gnutls (GNU TLS library)
 gnutls:
 gnutls: This is a TLS (Transport Layer Security) 1.0 and SSL (Secure Sockets
-gnutls: Layer) 3.0 implementation.  In brief, GnuTLS can be described as a
+gnutls: Layer) 3.0 implementation. In brief, GnuTLS can be described as a
 gnutls: library which offers an API to access secure communication protocols.
 gnutls: These protocols provide privacy over insecure lines, and were designed
 gnutls: to prevent eavesdropping, tampering, or message forgery.
diff --git a/source/n/gpa/gpa.SlackBuild b/source/n/gpa/gpa.SlackBuild
index c86c87b98..7c150ab3b 100755
--- a/source/n/gpa/gpa.SlackBuild
+++ b/source/n/gpa/gpa.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006-2007, 2014  Robby Workman, Tuscaloosa, AL, USA
-# Copyright 2007, 2008, 2009, 2010, 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2012, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,10 +21,11 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=gpa
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,11 +37,18 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
-PKG=$TMP/pkg-$PKGNAM
+PKG=$TMP/package-$PKGNAM
 
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
@@ -62,7 +70,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
 tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
-cd $PKGNAM-$VERSION
+cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -78,11 +86,10 @@ CXXFLAGS="$SLKCFLAGS" \
   --sysconfdir=/etc \
   --mandir=/usr/man \
   --infodir=/usr/info \
-  --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/gpa/slack-desc b/source/n/gpa/slack-desc
index 4ebd987ed..a53d82359 100644
--- a/source/n/gpa/slack-desc
+++ b/source/n/gpa/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
 gpa: gpa (GNU Privacy Assistant)
 gpa:
 gpa: GPA is a graphical frontend for the GNU Privacy Guard (GnuPG, 
-gpa: http://www.gnupg.org).  GPA can be used to encrypt, decrypt, and
+gpa: http://www.gnupg.org). GPA can be used to encrypt, decrypt, and
 gpa: sign files, to verify signatures and to manage the private and
 gpa: public keys.
 gpa:
diff --git a/source/n/gpgme/gpgme.SlackBuild b/source/n/gpgme/gpgme.SlackBuild
index 3bf092f05..3324ba4a4 100755
--- a/source/n/gpgme/gpgme.SlackBuild
+++ b/source/n/gpgme/gpgme.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006-2009  Robby Workman, Northport, AL, USA
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,8 +21,10 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=gpgme
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
@@ -35,11 +37,18 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
-PKG=$TMP/pkg-$PKGNAM
+PKG=$TMP/package-$PKGNAM
 
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
@@ -59,7 +68,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
@@ -68,6 +77,7 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+# Don't build qt binding which requires qt5:
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
@@ -75,12 +85,16 @@ CXXFLAGS="$SLKCFLAGS" \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
   --sysconfdir=/etc \
   --infodir=/usr/info \
+  --enable-languages="cl cpp python" \
   --docdir=/usr/doc/gpgme-$VERSION \
   --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --host=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
+
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" \
   | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/gpgme/slack-desc b/source/n/gpgme/slack-desc
index 3436b08c9..77a26bba0 100644
--- a/source/n/gpgme/slack-desc
+++ b/source/n/gpgme/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 gpgme: gpgme (GnuPG Made Easy)
 gpgme:
 gpgme: GPGME (GnuPG Made Easy) is a C language library that allows to add
-gpgme: support for cryptography to a program.  It is designed to make access
+gpgme: support for cryptography to a program. It is designed to make access
 gpgme: to public key crypto engines like GnuPG or GpgSM easier for
-gpgme: applications.  GPGME provides a high-level crypto API for encryption,
+gpgme: applications. GPGME provides a high-level crypto API for encryption,
 gpgme: decryption, signing, signature verification and key management.
 gpgme:
 gpgme: GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the 
diff --git a/source/n/htdig/htdig.SlackBuild b/source/n/htdig/htdig.SlackBuild
index ae92cfde1..7c817d54e 100755
--- a/source/n/htdig/htdig.SlackBuild
+++ b/source/n/htdig/htdig.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,30 +20,38 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=htdig
 VERSION=${VERSION:-3.2.0b6}
 NUMJOBS=${NUMJOBS:-" -j7 "}
-BUILD=${BUILD:-4}
+BUILD=${BUILD:-6}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -77,7 +85,7 @@ zcat $CWD/htdig.conf.diff.gz | patch -p1 --verbose || exit 1
 
 # Configure:
 CFLAGS="$SLKCFLAGS" \
-CXXFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS -std=gnu++98 -fpermissive -fno-delete-null-pointer-checks" \
 ./configure \
   --prefix=/usr \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
diff --git a/source/n/htdig/slack-desc b/source/n/htdig/slack-desc
index fea14f60c..6bbf1bf91 100644
--- a/source/n/htdig/slack-desc
+++ b/source/n/htdig/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 htdig: htdig (web indexing and searching system)
 htdig:
 htdig: The ht://Dig system is a complete web indexing and searching system
-htdig: for a small domain or intranet.  This system is not intended to
+htdig: for a small domain or intranet. This system is not intended to
 htdig: replace the need for outside Internet search engines such as Google,
 htdig: but rather to cover the search needs for a single company, campus, or
 htdig: even a particular sub section of a web site.
diff --git a/source/n/httpd/doinst.sh b/source/n/httpd/doinst.sh
index da256515c..e233c362b 100644
--- a/source/n/httpd/doinst.sh
+++ b/source/n/httpd/doinst.sh
@@ -29,12 +29,14 @@ if [ ! -e var/log/httpd ]; then
   chmod 755 var/log/httpd
 fi
 
-# Don't wipe out an existing document root:
-if [ ! -L srv/www -a -d srv/www ]; then
-  mv srv/www srv/www.bak.$$
+# Don't wipe out an existing document root with symlinks. If someone has
+# replaced the symlinks that are created on a fresh installation, assume
+# that they know what they are doing and leave things as-is.
+if [ ! -e srv/www ]; then
+  ( cd srv ; ln -sf /var/www www )
 fi
-if [ ! -L srv/httpd -a -d srv/httpd ]; then
-  mv srv/httpd srv/httpd.bak.$$
+if [ ! -e srv/httpd ]; then
+  ( cd srv ; ln -sf /var/www httpd )
 fi
 
 # Once again, our intent is not to wipe out anyone's
diff --git a/source/n/httpd/httpd.SlackBuild b/source/n/httpd/httpd.SlackBuild
index cbabd7a91..a78468e3e 100755
--- a/source/n/httpd/httpd.SlackBuild
+++ b/source/n/httpd/httpd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -23,10 +23,11 @@
 # This script was written using the one from slackbuilds.org as a reference,
 # so thanks to Adis Nezirovic ( adis _at_ linux.org.ba ) for the original work.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=httpd
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -38,9 +39,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
@@ -63,7 +71,7 @@ fi
 cd $TMP
 rm -rf ${PKGNAM}-${VERSION}
 tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1
-cd ${PKGNAM}-$VERSION
+cd ${PKGNAM}-$VERSION || exit 1
 
 # Make sure ownerships and permissions are sane:
 chown -R root:root .
@@ -120,10 +128,12 @@ CXXFLAGS="$SLKCFLAGS" \
   --enable-cgi \
   --with-pcre \
   --enable-ssl \
+  --enable-http2 \
   --enable-rewrite \
   --enable-vhost-alias \
   --enable-proxy \
   --enable-proxy-http \
+  --enable-proxy-http2 \
   --enable-proxy-ftp \
   --enable-cache \
   --enable-mem-cache \
@@ -187,9 +197,17 @@ zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 
 mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/
 cp -a \
-  ABOUT_APACHE Apache.dsw BuildBin.dsp CHANGES INSTALL InstallBin.dsp LAYOUT LICENSE NOTICE NWGNUmakefile README* ROADMAP VERSIONING \
+  ABOUT_APACHE CHANGES INSTALL LICENSE NOTICE README* ROADMAP VERSIONING \
   $PKG/usr/doc/$PKGNAM-$VERSION
 
+# If there's a CHANGES file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r CHANGES ]; then
+  DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
+  cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES
+  touch -r CHANGES $DOCSDIR/CHANGES
+fi
+
 # Other distributions also strip the manual down to just English.
 # If this isn't your language of choice, mea culpa.
 ( cd $PKG/srv/httpd/htdocs/manual
@@ -207,10 +225,15 @@ cp -a \
 # symlinks allowing access through the FHS-approved pathnames.  KDE, for example,
 # will look for htdig's htsearch here:  /var/www/cgi-bin/htsearch
 mv $PKG/srv/httpd $PKG/var/www
-( cd $PKG/srv
-  ln -sf /var/www .
-  ln -sf /var/www httpd
-)
+
+## DISABLED. Don't make these symlinks prior to packaging any more, as it is
+## possibly dangerous to an existing document root created in the place where
+## these symlinks are normally found. Instead, we make them in the install
+## script (only if nothing exists there already)
+#( cd $PKG/srv
+#  ln -sf /var/www .
+#  ln -sf /var/www httpd
+#)
 
 # OK, it's just not generally good form to put your web site in /var/www/htdocs,
 # but people do it every day.  Like all new .new files, this won't save them this
diff --git a/source/n/httpd/httpd.url b/source/n/httpd/httpd.url
index fe13f34e3..ae8104145 100644
--- a/source/n/httpd/httpd.url
+++ b/source/n/httpd/httpd.url
@@ -1,2 +1,2 @@
-http://www.apache.org/dist/httpd/httpd-2.4.17.tar.bz2
-http://www.apache.org/dist/httpd/httpd-2.4.17.tar.bz2.asc
+http://www.apache.org/dist/httpd/httpd-2.4.33.tar.bz2
+http://www.apache.org/dist/httpd/httpd-2.4.33.tar.bz2.asc
diff --git a/source/n/httpd/rc.httpd b/source/n/httpd/rc.httpd
index 81189098f..6b251d90d 100644
--- a/source/n/httpd/rc.httpd
+++ b/source/n/httpd/rc.httpd
@@ -16,14 +16,14 @@ case "$1" in
   ;;
   'stop')
     /usr/sbin/apachectl -k stop
-    killall httpd
+    pkill -f /usr/sbin/httpd
     # Remove both old and new .pid locations:
     rm -f /var/run/httpd.pid /var/run/httpd/httpd.pid
   ;;
   'force-restart')
     # Because sometimes restarting through apachectl just doesn't do the trick...
     /usr/sbin/apachectl -k stop
-    killall httpd
+    pkill -f /usr/sbin/httpd
     # Remove both old and new .pid locations:
     rm -f /var/run/httpd.pid /var/run/httpd/httpd.pid
     /usr/sbin/apachectl -k start
diff --git a/source/n/httpd/slack-desc b/source/n/httpd/slack-desc
index 38d240b6b..3450b4184 100644
--- a/source/n/httpd/slack-desc
+++ b/source/n/httpd/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 httpd: httpd (The Apache HTTP Server)
 httpd:
 httpd: Apache is an HTTP server designed as a plug-in replacement for the
-httpd: NCSA HTTP server.  It fixes numerous bugs in the NCSA server and
+httpd: NCSA HTTP server. It fixes numerous bugs in the NCSA server and
 httpd: includes many frequently requested new features, and has an API which
 httpd: allows it to be extended to meet users' needs more easily.
 httpd:
diff --git a/source/n/icmpinfo/icmpinfo.SlackBuild b/source/n/icmpinfo/icmpinfo.SlackBuild
index fb1f90238..b4e1a40b6 100755
--- a/source/n/icmpinfo/icmpinfo.SlackBuild
+++ b/source/n/icmpinfo/icmpinfo.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=icmpinfo
 VERSION=1.11
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -33,9 +36,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-icmpinfo
 
diff --git a/source/n/icmpinfo/slack-desc b/source/n/icmpinfo/slack-desc
index 9148a482f..14e0bb0d6 100644
--- a/source/n/icmpinfo/slack-desc
+++ b/source/n/icmpinfo/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
 icmpinfo: icmpinfo (ICMP monitoring utility)
 icmpinfo:
 icmpinfo: Icmpinfo is a tool for looking at the ICMP messages received on the
-icmpinfo: running host.  It can be used to detect and record attack attempts, as
+icmpinfo: running host. It can be used to detect and record attack attempts, as
 icmpinfo: well as help diagnose network problems.
 icmpinfo:
 icmpinfo: icmpinfo was written by Laurent Demailly.
diff --git a/source/n/idnkit/slack-desc b/source/n/idnkit/slack-desc
deleted file mode 100644
index 7c4cdf0c4..000000000
--- a/source/n/idnkit/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-      |-----handy-ruler------------------------------------------------------|
-idnkit: idnkit (Internationalized domain names toolkit)
-idnkit:
-idnkit: idnkit is a toolkit for handling internationalized domain names.
-idnkit: It includes a library for handling internationalized domain names
-idnkit: (libidnkit, libidnkitlite), a codeset conversion utility (idnconv),
-idnkit: and a command which adds IDN dynamically to applications (runidn).
-idnkit:
-idnkit:
-idnkit:
-idnkit: Homepage: http://www.nic.ad.jp/en/idn/
-idnkit:
diff --git a/source/n/iftop/iftop.SlackBuild b/source/n/iftop/iftop.SlackBuild
index 0361a4756..c66a9a63d 100755
--- a/source/n/iftop/iftop.SlackBuild
+++ b/source/n/iftop/iftop.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2012, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,31 +20,39 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=iftop
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -78,8 +86,8 @@ CXXFLAGS="$SLKCFLAGS" \
   --sysconfdir=/etc \
   --localstatedir=/var \
   --mandir=/usr/man \
-  --docdir=/usr/doc/$PRGNAM-$VERSION \
-  --build=$ARCH-slackware-linux
+  --docdir=/usr/doc/$PKGNAM-$VERSION \
+  --build=$ARCH-slackware-linux || exit 1
 
 # Build and install:
 make $NUMJOBS || make || exit 1
diff --git a/source/n/iftop/slack-desc b/source/n/iftop/slack-desc
index f7bc5c480..95fa73288 100644
--- a/source/n/iftop/slack-desc
+++ b/source/n/iftop/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
@@ -10,10 +10,10 @@ iftop: iftop (Display bandwidth usage on an interface)
 iftop:
 iftop: iftop does for network usage what top(1) does for CPU usage.
 iftop: It listens to network traffic on a named interface and displays a
-iftop: table of current bandwidth usage by pairs of hosts.  Handy for
+iftop: table of current bandwidth usage by pairs of hosts. Handy for
 iftop: answering the question "why is our link so slow?".
 iftop:
 iftop:
 iftop:
-iftop: Homepage:  http://www.ex-parrot.com/~pdw/iftop/
+iftop: Homepage: http://www.ex-parrot.com/~pdw/iftop/
 iftop:
diff --git a/source/n/imapd b/source/n/imapd
deleted file mode 120000
index 0120374ca..000000000
--- a/source/n/imapd
+++ /dev/null
@@ -1 +0,0 @@
-alpine
\ No newline at end of file
diff --git a/source/n/inetd/README b/source/n/inetd/README
new file mode 100644
index 000000000..546e1c06b
--- /dev/null
+++ b/source/n/inetd/README
@@ -0,0 +1,128 @@
+/*	$Slackware: inetd.c 1.79s 2001/02/06 13:18:00 volkerdi Exp $	*/
+/*	$OpenBSD: inetd.c,v 1.79 2001/01/30 08:30:57 deraadt Exp $	*/
+/*	$NetBSD: inetd.c,v 1.11 1996/02/22 11:14:41 mycroft Exp $	*/
+/*
+ * Copyright (c) 1983,1991 The Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Inetd - Internet super-server
+ *
+ * This program invokes all internet services as needed.
+ * connection-oriented services are invoked each time a
+ * connection is made, by creating a process.  This process
+ * is passed the connection as file descriptor 0 and is
+ * expected to do a getpeername to find out the source host
+ * and port.
+ *
+ * Datagram oriented services are invoked when a datagram
+ * arrives; a process is created and passed a pending message
+ * on file descriptor 0.  Datagram servers may either connect
+ * to their peer, freeing up the original socket for inetd
+ * to receive further messages on, or ``take over the socket'',
+ * processing all arriving datagrams and, eventually, timing
+ * out.	 The first type of server is said to be ``multi-threaded'';
+ * the second type of server ``single-threaded''. 
+ *
+ * Inetd uses a configuration file which is read at startup
+ * and, possibly, at some later time in response to a hangup signal.
+ * The configuration file is ``free format'' with fields given in the
+ * order shown below.  Continuation lines for an entry must begin with
+ * a space or tab.  All fields must be present in each entry.
+ *
+ *	service name			must be in /etc/services
+ *	socket type			stream/dgram/raw/rdm/seqpacket
+ *	protocol			must be in /etc/protocols
+ *	wait/nowait[.max]		single-threaded/multi-threaded, max #
+ *	user[.group] or user[:group]	user/group to run daemon as
+ *	server program			full path name
+ *	server program arguments	maximum of MAXARGS (20)
+ *
+ * For RPC services
+ *      service name/version            must be in /etc/rpc
+ *	socket type			stream/dgram/raw/rdm/seqpacket
+ *	protocol			must be in /etc/protocols
+ *	wait/nowait[.max]		single-threaded/multi-threaded
+ *	user[.group] or user[:group]	user to run daemon as
+ *	server program			full path name
+ *	server program arguments	maximum of MAXARGS (20)
+ *
+ * For non-RPC services, the "service name" can be of the form
+ * hostaddress:servicename, in which case the hostaddress is used
+ * as the host portion of the address to listen on.  If hostaddress
+ * consists of a single `*' character, INADDR_ANY is used.
+ *
+ * A line can also consist of just
+ *      hostaddress:
+ * where hostaddress is as in the preceding paragraph.  Such a line must
+ * have no further fields; the specified hostaddress is remembered and
+ * used for all further lines that have no hostaddress specified,
+ * until the next such line (or EOF).  (This is why * is provided to
+ * allow explicit specification of INADDR_ANY.)  A line
+ *      *:
+ * is implicitly in effect at the beginning of the file.
+ *
+ * The hostaddress specifier may (and often will) contain dots;
+ * the service name must not.
+ *
+ * For RPC services, host-address specifiers are accepted and will
+ * work to some extent; however, because of limitations in the
+ * portmapper interface, it will not work to try to give more than
+ * one line for any given RPC service, even if the host-address
+ * specifiers are different.
+ *
+ * Comment lines are indicated by a `#' in column 1.
+ */
+
+/*
+ * Here's the scoop concerning the user[.:]group feature:
+ *
+ * 1) set-group-option off.
+ * 
+ * 	a) user = root:	NO setuid() or setgid() is done
+ * 
+ * 	b) other:	setgid(primary group as found in passwd)
+ * 			initgroups(name, primary group)
+ * 			setuid()
+ *
+ * 2) set-group-option on.
+ * 
+ * 	a) user = root:	setgid(specified group)
+ * 			NO initgroups()
+ * 			NO setuid()
+ *
+ * 	b) other:	setgid(specified group)
+ * 			initgroups(name, specified group)
+ * 			setuid()
+ * 
+ */
+
diff --git a/source/n/inetd/doinst.sh b/source/n/inetd/doinst.sh
new file mode 100644
index 000000000..472958d97
--- /dev/null
+++ b/source/n/inetd/doinst.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  if [ -e $OLD ]; then
+    cp -a $OLD ${NEW}.incoming
+    cat $NEW > ${NEW}.incoming
+    mv ${NEW}.incoming $NEW
+  fi
+  config $NEW
+}
+
+preserve_perms etc/rc.d/rc.inetd.new
+config etc/inetd.conf.new
+
diff --git a/source/n/inetd/inetd.SlackBuild b/source/n/inetd/inetd.SlackBuild
index e21864012..27978bf53 100755
--- a/source/n/inetd/inetd.SlackBuild
+++ b/source/n/inetd/inetd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2017, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=inetd
 VERSION=1.79s
-BUILD=${BUILD:-9}
+BUILD=${BUILD:-11}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -33,17 +36,20 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-inetd
 
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
-# Explode the package framework:
-cd $PKG
-explodepkg $CWD/_inetd.tar.gz
-
 echo "+====================+"
 echo "| inetd-OpenBSD-1.79 |"
 echo "+====================+"
@@ -63,18 +69,23 @@ zcat $CWD/fix-x86_64-daytime-segfault.diff.gz | patch -p1 || exit 1
 make || exit 1
 
 strip inetd
+mkdir -p $PKG/usr/sbin
 cat inetd > $PKG/usr/sbin/inetd
+chmod 755 $PKG/usr/sbin/inetd
+mkdir -p $PKG/usr/man/man8
 cat inetd.8 | gzip -9c > $PKG/usr/man/man8/inetd.8.gz
+mkdir -p $PKG/etc/rc.d
+cat $CWD/rc.inetd > $PKG/etc/rc.d/rc.inetd.new
+cat $CWD/inetd.conf > $PKG/etc/inetd.conf.new
+mkdir -p $PKG/usr/doc/inetd-1.79s
+cp -a $CWD/README $PKG/usr/doc/inetd-1.79s
+chown root:root $PKG/usr/doc/inetd-1.79s/README
+chmod 644 $PKG/usr/doc/inetd-1.79s/README
 
 mkdir -p $PKG/install
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 # Build the package:
 cd $PKG
 /sbin/makepkg -l y -c n $TMP/inetd-$VERSION-$ARCH-$BUILD.txz
-
-# Clean up the extra stuff:
-if [ "$1" = "--cleanup" ]; then
- rm -rf $TMP/inetd
- rm -rf $PKG
-fi
diff --git a/source/n/inetd/inetd.conf b/source/n/inetd/inetd.conf
new file mode 100644
index 000000000..a238a10a9
--- /dev/null
+++ b/source/n/inetd/inetd.conf
@@ -0,0 +1,106 @@
+# See "man 8 inetd" for more information.
+#
+# If you make changes to this file, either reboot your machine or send the
+# inetd a HUP signal:
+# Do a "ps x" as root and look up the pid of inetd. Then do a
+# "kill -HUP <pid of inetd>".
+# The inetd will re-read this file whenever it gets that signal.
+#
+# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
+#
+# The first 4 services are really only used for debugging purposes, so
+# we comment them out since they can otherwise be used for some nasty
+# denial-of-service attacks.  If you need them, uncomment them.
+# echo   	stream	tcp	nowait	root	internal
+# echo   	dgram	udp	wait	root	internal
+# discard	stream	tcp	nowait	root	internal
+# discard	dgram	udp	wait	root	internal
+# daytime	stream	tcp	nowait	root	internal
+# daytime	dgram	udp	wait	root	internal
+# chargen	stream	tcp	nowait	root	internal
+# chargen	dgram	udp	wait	root	internal
+# time		stream	tcp	nowait	root	internal
+# time		dgram	udp	wait	root	internal
+#
+# These are standard services:
+#
+# Very Secure File Transfer Protocol (FTP) server.
+# ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  vsftpd
+#
+# Professional File Transfer Protocol (FTP) server.
+# ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  proftpd
+#
+# Telnet server:
+# telnet	stream  tcp     nowait  root    /usr/sbin/tcpd	in.telnetd
+#
+# The comsat daemon notifies the user of new mail when biff is set to y:
+# comsat        dgram   udp     wait    root    /usr/sbin/tcpd  in.comsat
+#
+# Shell, login, exec and talk are BSD protocols
+#
+# shell	stream	tcp	nowait	root	/usr/sbin/tcpd	in.rshd -L
+# login	stream	tcp	nowait	root	/usr/sbin/tcpd	in.rlogind
+# exec	stream	tcp	nowait	root	/usr/sbin/tcpd	in.rexecd
+# talk	dgram	udp	wait	root	/usr/sbin/tcpd	in.talkd
+# ntalk	dgram	udp	wait	root	/usr/sbin/tcpd	in.talkd
+#
+# To use the talk daemons from KDE, comment the talk and ntalk lines above
+# and uncomment the ones below:
+# talk    dgram   udp     wait    root    /usr/sbin/tcpd  /usr/bin/kotalkd
+# ntalk   dgram   udp     wait    root    /usr/sbin/tcpd  /usr/bin/ktalkd
+#
+# Kerberos authenticated services
+#
+# klogin	stream	tcp	nowait	root	/usr/sbin/tcpd	rlogind -k
+# eklogin	stream	tcp	nowait	root	/usr/sbin/tcpd	rlogind -k -x
+# kshell	stream	tcp	nowait	root	/usr/sbin/tcpd	rshd -k
+#
+# Services run ONLY on the Kerberos server
+#
+# krbupdate	stream	tcp	nowait	root	/usr/sbin/tcpd	registerd
+# kpasswd	stream	tcp	nowait	root	/usr/sbin/tcpd	kpasswdd
+#
+# POP and IMAP mail servers
+#
+# Post Office Protocol version 3 (POP3) server:
+# pop3    stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/popa3d
+# Internet Message Access Protocol (IMAP) server:
+# imap2   stream  tcp     nowait  root    /usr/sbin/tcpd  imapd
+#
+# The Internet Unix to Unix copy (UUCP) service:
+# uucp	stream	tcp	nowait	uucp	/usr/sbin/tcpd	/usr/lib/uucp/uucico	-l
+#
+# Tftp service is provided primarily for booting.  Most sites
+# run this only on machines acting as "boot servers." 
+# tftp  dgram   udp     wait    root    /usr/sbin/in.tftpd  in.tftpd -s /tftpboot -r blksize
+#
+# Internet Bootstrap Protocol (BOOTP) server:
+# bootps	dgram	udp	wait	root	/usr/sbin/bootpd	bootpd
+#
+# Finger, systat and netstat give out user information which may be
+# valuable to potential "system crackers."  Many sites choose to disable 
+# some or all of these services to improve security.
+# Try "telnet localhost systat" and "telnet localhost netstat" to see that
+# information yourself!
+# finger	stream	tcp	nowait	nobody	/usr/sbin/tcpd	in.fingerd -u
+# systat	stream	tcp	nowait	nobody	/usr/sbin/tcpd	/bin/ps	-auwwx
+# netstat	stream	tcp	nowait	root	/usr/sbin/tcpd	/bin/netstat	-a
+#
+# Ident service is used for net authentication
+# auth	stream	tcp	wait	root	/usr/sbin/in.identd	in.identd
+#
+# These are to start Samba, an smb server that can export filesystems to
+# Pathworks, Lanmanager for DOS, Windows for Workgroups, Windows95, Lanmanager
+# for Windows, Lanmanager for OS/2, Windows NT, etc.  
+# If you're running smbd and nmbd as daemons in /etc/rc.d/rc.samba, then you
+# shouldn't uncomment these lines.
+# netbios-ssn    stream  tcp     nowait  root    /usr/sbin/smbd  smbd
+# netbios-ns     dgram   udp     wait    root    /usr/sbin/nmbd  nmbd
+#
+# Sun-RPC based services.
+# <service name/version><sock_type><rpc/prot><flags><user><server><args>
+# rstatd/1-3	dgram	rpc/udp	wait	root	/usr/sbin/tcpd	rpc.rstatd
+# rusersd/2-3	dgram	rpc/udp	wait	root	/usr/sbin/tcpd	rpc.rusersd
+# walld/1	dgram	rpc/udp	wait	root	/usr/sbin/tcpd	rpc.rwalld
+#
+# End of inetd.conf.
diff --git a/source/n/inetd/rc.inetd b/source/n/inetd/rc.inetd
new file mode 100644
index 000000000..9fe141974
--- /dev/null
+++ b/source/n/inetd/rc.inetd
@@ -0,0 +1,36 @@
+#!/bin/sh
+# Start/stop/restart inetd, the BSD Internet super-daemon.
+
+# Start inetd:
+inetd_start() {
+  if [ -x /usr/sbin/inetd ]; then
+    echo "Starting Internet super-server daemon:  /usr/sbin/inetd"
+    /usr/sbin/inetd
+  fi
+}
+
+# Stop inetd:
+inetd_stop() {
+  killall inetd
+}
+
+# Restart inetd:
+inetd_restart() {
+  inetd_stop
+  sleep 1
+  inetd_start
+}
+
+case "$1" in
+'start')
+  inetd_start
+  ;;
+'stop')
+  inetd_stop
+  ;;
+'restart')
+  inetd_restart
+  ;;
+*)
+  echo "usage $0 start|stop|restart"
+esac
diff --git a/source/n/inetd/slack-desc b/source/n/inetd/slack-desc
index 7f5c15c53..aa8a10c97 100644
--- a/source/n/inetd/slack-desc
+++ b/source/n/inetd/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 inetd: inetd (Internet super-server)
 inetd:
 inetd: This is a program to listen for connections on certain Internet
-inetd: sockets and invokes a program to service the request.  Essentially,
+inetd: sockets and invokes a program to service the request. Essentially,
 inetd: inetd allows running one daemon to invoke several others, reducing
-inetd: load on the system.  Many of the network services are run through
+inetd: load on the system. Many of the network services are run through
 inetd: inetd, so you'll probably need it.
 inetd:
 inetd: This version of inetd was ported from OpenBSD.
diff --git a/source/n/iproute2/doinst.sh b/source/n/iproute2/doinst.sh
index 19f75595c..ddd598af0 100644
--- a/source/n/iproute2/doinst.sh
+++ b/source/n/iproute2/doinst.sh
@@ -9,11 +9,6 @@ config() {
   fi
   # Otherwise, we leave the .new copy for the admin to consider...
 }
-config etc/iproute2/ematch_map.new
-config etc/iproute2/group.new
-config etc/iproute2/rt_dsfield.new
-config etc/iproute2/rt_protos.new
-config etc/iproute2/rt_realms.new
-config etc/iproute2/rt_scopes.new
-config etc/iproute2/rt_tables.new
-config etc/iproute2/nl_protos.new
+for file in etc/iproute2/*.new ; do
+  config $file
+done
diff --git a/source/n/iproute2/iproute2-4.16.0.tar.sign b/source/n/iproute2/iproute2-4.16.0.tar.sign
new file mode 100644
index 000000000..de3e58160
--- /dev/null
+++ b/source/n/iproute2/iproute2-4.16.0.tar.sign
diff --git a/source/n/iproute2/iproute2-4.4.0.tar.sign b/source/n/iproute2/iproute2-4.4.0.tar.sign
deleted file mode 100644
index 129ba4376..000000000
--- a/source/n/iproute2/iproute2-4.4.0.tar.sign
+++ /dev/null
diff --git a/source/n/iproute2/iproute2.SlackBuild b/source/n/iproute2/iproute2.SlackBuild
index 942c6120f..bee012c40 100755
--- a/source/n/iproute2/iproute2.SlackBuild
+++ b/source/n/iproute2/iproute2.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2005-2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2005-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=iproute2
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2}
 
 #NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-iproute2
 
@@ -58,7 +67,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf iproute2-$VERSION
-tar xvf $CWD/iproute2-$VERSION.tar.xz || exit 1
+tar xvf $CWD/iproute2-$VERSION.tar.?z || exit 1
 cd iproute2-$VERSION
 
 chown -R root:root .
diff --git a/source/n/iproute2/iproute2.url b/source/n/iproute2/iproute2.url
new file mode 100644
index 000000000..815451c49
--- /dev/null
+++ b/source/n/iproute2/iproute2.url
@@ -0,0 +1 @@
+https://www.kernel.org/pub/linux/utils/net/iproute2/
diff --git a/source/n/iproute2/slack-desc b/source/n/iproute2/slack-desc
index 7f6b1d614..53932e634 100644
--- a/source/n/iproute2/slack-desc
+++ b/source/n/iproute2/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 iproute2: iproute2 (IP routing utilities)
 iproute2:
 iproute2: These are tools used to administer many advanced IP routing features
-iproute2: in the kernel.  See Configure.help in the kernel documentation 
+iproute2: in the kernel. See Configure.help in the kernel documentation 
 iproute2: (search for iproute2) for more information on which kernel options
 iproute2: these tools are used with.
 iproute2: 
-iproute2: These utilities were written by Alexey Kuznetsov.  The current
+iproute2: These utilities were written by Alexey Kuznetsov. The current
 iproute2: maintainer of iproute2 is Stephen Hemminger.
 iproute2:
 iproute2:
diff --git a/source/n/ipset/ipset.SlackBuild b/source/n/ipset/ipset.SlackBuild
index 438ebe5cc..3cad37b5c 100755
--- a/source/n/ipset/ipset.SlackBuild
+++ b/source/n/ipset/ipset.SlackBuild
@@ -1,8 +1,8 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for ipset
 
-# Copyright 2013  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2013, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # Copyright 2013  Robby Workman, Northport, Alabama, USA
 # All rights reserved.
 #
@@ -23,8 +23,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=ipset
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -32,15 +34,23 @@ NUMJOBS=${NUMJOBS:-" -j7 "}
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -53,7 +63,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -62,7 +71,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+tar xf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 
 chown -R root:root .
@@ -87,6 +96,9 @@ CXXFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \
   grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
 
diff --git a/source/n/ipset/slack-desc b/source/n/ipset/slack-desc
index 8a9e83fcc..649248694 100644
--- a/source/n/ipset/slack-desc
+++ b/source/n/ipset/slack-desc
@@ -2,17 +2,17 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
      |-----handy-ruler------------------------------------------------------|
 ipset: ipset (administration tool for kernel IP sets)
 ipset:
 ipset: IP sets are a Linux kernel framework administered by the ipset 
-ipset: utility.  Depending on the type, currently an IP set may store IP 
+ipset: utility. Depending on the type, currently an IP set may store IP 
 ipset: addresses, (TCP/UDP) port numbers, or IP addresses with MAC addresses 
 ipset: in a way which ensures lightning speed when matching an entry against 
-ipset: a set.  
+ipset: a set. 
 ipset:
 ipset: Homepage: http://ipset.netfilter.org/
 ipset:
diff --git a/source/n/iptables/iptables.SlackBuild b/source/n/iptables/iptables.SlackBuild
index a21e7f9e9..af065d931 100755
--- a/source/n/iptables/iptables.SlackBuild
+++ b/source/n/iptables/iptables.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2012, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,7 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-VERSION=${VERSION:-$(echo iptables-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=iptables
+VERSION=${VERSION:-$(echo iptables-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -35,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-iptables
 
@@ -57,7 +67,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf iptables-$VERSION
-tar xvf $CWD/iptables-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/iptables-$VERSION.tar.?z || exit 1
 cd iptables-$VERSION || exit 1
 
 chown -R root:root .
@@ -84,6 +94,9 @@ CFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-debug 2> /dev/null
 
diff --git a/source/n/iptables/slack-desc b/source/n/iptables/slack-desc
index 55423f5f4..1d73fd50e 100644
--- a/source/n/iptables/slack-desc
+++ b/source/n/iptables/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
@@ -16,4 +16,4 @@ iptables: internet access if you don't have enough public IP addresses, use NAT
 iptables: to implement transparent proxies, aid the tc and iproute2 systems
 iptables: used to build sophisticated QoS and policy routers, do further packet
 iptables: manipulation (mangling) like altering the TOS/DSCP/ECN bits of the IP
-iptables: header, and much more.  See:  http://www.netfilter.org
+iptables: header, and much more. See: http://www.netfilter.org
diff --git a/source/n/iptraf-ng/iptraf-ng.SlackBuild b/source/n/iptraf-ng/iptraf-ng.SlackBuild
index 65dbe2612..1b8791739 100755
--- a/source/n/iptraf-ng/iptraf-ng.SlackBuild
+++ b/source/n/iptraf-ng/iptraf-ng.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,25 +20,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=iptraf-ng
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -51,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -78,7 +86,7 @@ CFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --infodir=/usr/info \
   --disable-static \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/source/n/iptraf-ng/slack-desc b/source/n/iptraf-ng/slack-desc
index 3d7e4470d..4ea740693 100644
--- a/source/n/iptraf-ng/slack-desc
+++ b/source/n/iptraf-ng/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
@@ -11,9 +11,9 @@ iptraf-ng:
 iptraf-ng: IPTraf is a console-based network monitoring program for Linux that
 iptraf-ng: displays information about IP traffic such as:
 iptraf-ng:
-iptraf-ng:   Current TCP connections, types of IP packets, packet and byte
-iptraf-ng:   counts, TCP/UDP counts by ports, packet counts by packet sizes,
-iptraf-ng:   packet and byte counts by IP address, interface activity, flag
-iptraf-ng:   statuses on TCP packets, and other LAN station statistics.
+iptraf-ng:  Current TCP connections, types of IP packets, packet and byte
+iptraf-ng:  counts, TCP/UDP counts by ports, packet counts by packet sizes,
+iptraf-ng:  packet and byte counts by IP address, interface activity, flag
+iptraf-ng:  statuses on TCP packets, and other LAN station statistics.
 iptraf-ng:
 iptraf-ng: iptraf-ng was written by Gerard Paul Java.
diff --git a/source/n/iputils/iputils.SlackBuild b/source/n/iputils/iputils.SlackBuild
index c6a8f6967..3b6cc4d6a 100755
--- a/source/n/iputils/iputils.SlackBuild
+++ b/source/n/iputils/iputils.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2013, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=iputils
 VERSION=s20140519
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -33,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
@@ -45,7 +56,6 @@ fi
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-iputils
 
@@ -76,9 +86,9 @@ make VPATH=/usr/lib${LIBDIRSUFFIX} || exit 1
     --mandir=/usr/man \
     --infodir=/usr/info \
     --disable-static \
-    --build=$ARCH-slackware-linux
-    make
-)
+    --build=$ARCH-slackware-linux || exit 1
+    make || exit 1
+) || exit 1
 
 strip arping clockdiff ninfod/ninfod ping ping6 rarpd rdisc tracepath tracepath6 traceroute6
 mkdir -p $PKG/sbin
diff --git a/source/n/iputils/slack-desc b/source/n/iputils/slack-desc
index c2d11a413..bd898b148 100644
--- a/source/n/iputils/slack-desc
+++ b/source/n/iputils/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 iputils: iputils (a collection of common network tools)
 iputils:
 iputils: The iputils package contains network tools found on nearly all *NIX
-iputils: systems, along with an extra or two.  Some of the utilities found
+iputils: systems, along with an extra or two. Some of the utilities found
 iputils: here include arping, clockdiff, ping, ping6, rarpd, rdisc, tracepath,
 iputils: tracepath6, and traceroute6.
 iputils:
diff --git a/source/n/ipw2100-fw/ipw2100-fw.SlackBuild b/source/n/ipw2100-fw/ipw2100-fw.SlackBuild
index 6ef7bfb6e..cede2987b 100755
--- a/source/n/ipw2100-fw/ipw2100-fw.SlackBuild
+++ b/source/n/ipw2100-fw/ipw2100-fw.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2008, 2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2008, 2009, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,14 +20,21 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=ipw2100-fw
 VERSION=${VERSION:-1.3}
 ARCH=${ARCH:-fw}
 BUILD=${BUILD:-1}
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
diff --git a/source/n/ipw2200-fw/ipw2200-fw.SlackBuild b/source/n/ipw2200-fw/ipw2200-fw.SlackBuild
index e6c5a3141..94c636bee 100755
--- a/source/n/ipw2200-fw/ipw2200-fw.SlackBuild
+++ b/source/n/ipw2200-fw/ipw2200-fw.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,14 +20,21 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=ipw2200-fw
 VERSION=${VERSION:-3.1}
 ARCH=${ARCH:-fw}
 BUILD=${BUILD:-1}
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
diff --git a/source/n/irssi/irssi.SlackBuild b/source/n/irssi/irssi.SlackBuild
index 067db1564..f5a20c459 100755
--- a/source/n/irssi/irssi.SlackBuild
+++ b/source/n/irssi/irssi.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,14 +20,15 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-CWD=$(pwd)
+PKGNAM=irssi
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-irssi
 
-VERSION=0.8.19
-DIRCD=0.8.19
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo irssi-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+DIRCD=${VERSION}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -39,6 +40,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -76,11 +85,11 @@ CFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --sysconfdir=/etc \
   --docdir=/usr/doc/irssi-$VERSION \
-  --enable-ipv6 \
+  --enable-true-color \
   --with-textui \
-  --with-proxy \
   --with-perl-lib=vendor \
-  --build=$ARCH-slackware-linux
+  --with-proxy \
+  --build=$ARCH-slackware-linux || exit 1
 
 make \
   docdir=/usr/doc/irssi-$VERSION \
@@ -102,7 +111,7 @@ done
 mv $PKG/etc/irssi.conf $PKG/etc/irssi.conf.new
 
 find $PKG -name perllocal.pod | xargs rm -f
-eval $(perl '-V:archlib') ; rmdir -p $PKG/$archlib
+eval $(perl '-V:archlib') ; rmdir -p $PKG/$archlib 2> /dev/null
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
@@ -123,7 +132,7 @@ if [ -d $PKG/usr/man ]; then
 fi
 
 cp -a \
-  AUTHORS COPYING INSTALL NEWS README TODO \
+  AUTHORS COPYING* INSTALL NEWS README* TODO \
   $PKG/usr/doc/irssi-$VERSION
 ( cd $PKG/usr/doc/irssi-$VERSION ; ln -sf /usr/share/irssi/help . )
 
diff --git a/source/n/irssi/slack-desc b/source/n/irssi/slack-desc
index 2a0578921..ea13d7bc2 100644
--- a/source/n/irssi/slack-desc
+++ b/source/n/irssi/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 irssi: irssi (Internet Relay Chat client)
 irssi:
-irssi: Irssi is an Internet Relay Chat client.  Designed to be both secure
+irssi: Irssi is an Internet Relay Chat client. Designed to be both secure
 irssi: and expandable, irssi is easily customized using modules and scripts.
 irssi:
-irssi: For more information, visit:  http://irssi.org
+irssi: For more information, visit: http://irssi.org
 irssi:
 irssi: irssi was written by Timo Sirainen.
 irssi:
diff --git a/source/n/iw/iw.SlackBuild b/source/n/iw/iw.SlackBuild
index 6ccba9cd0..494bae014 100755
--- a/source/n/iw/iw.SlackBuild
+++ b/source/n/iw/iw.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2008  Robert Simpson, Ventura, California, USA
-# Copyright 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,10 +21,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=iw
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,9 +37,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
diff --git a/source/n/iw/iw.url b/source/n/iw/iw.url
index b9e9c8c82..1532c5395 100644
--- a/source/n/iw/iw.url
+++ b/source/n/iw/iw.url
@@ -1,2 +1,2 @@
 HOMEPAGE="http://wireless.kernel.org/en/users/Documentation/iw"
-DOWNLOAD="https://www.kernel.org/pub/software/network/iw/iw-4.3.tar.xz"
+DOWNLOAD="https://www.kernel.org/pub/software/network/iw/iw-4.14.tar.xz"
diff --git a/source/n/iw/slack-desc b/source/n/iw/slack-desc
index ca62f79fb..7dab581b4 100644
--- a/source/n/iw/slack-desc
+++ b/source/n/iw/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
   |-----handy-ruler----------------------------------------------------------|
 iw: iw (tool for configuring Linux wireless devices)
 iw:
 iw: This package contains the `iw' tool which allows you to configure and
-iw: show information about wireless networking.  The tool is currently used
+iw: show information about wireless networking. The tool is currently used
 iw: for drivers based on the mac80211 stack, but work is under way to make
 iw: it useful for other wireless drivers as well.
 iw: 
 iw: Homepage: http://wireless.kernel.org/en/users/Documentation/iw 
-iw:   
-iw:   
-iw:   
+iw:  
+iw:  
+iw:  
diff --git a/source/n/lftp/lftp.SlackBuild b/source/n/lftp/lftp.SlackBuild
index b1aad69fe..81079405f 100755
--- a/source/n/lftp/lftp.SlackBuild
+++ b/source/n/lftp/lftp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2012, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=lftp
 VERSION=${VERSION:-$(echo lftp-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-lftp
 
@@ -59,7 +68,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf lftp-$VERSION
 tar xvf $CWD/lftp-$VERSION.tar.xz || exit 1
-cd lftp-$VERSION
+cd lftp-$VERSION || exit 1
 
 chown -R root:root .
 find . \
@@ -78,11 +87,14 @@ CXXFLAGS="$SLKCFLAGS" \
   --infodir=/usr/info \
   --docdir=/usr/doc/lftp-$VERSION \
   --with-openssl \
-  --build=${ARCH}-slackware-linux
+  --build=${ARCH}-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
diff --git a/source/n/lftp/slack-desc b/source/n/lftp/slack-desc
index 5d6a0c2c4..910967391 100644
--- a/source/n/lftp/slack-desc
+++ b/source/n/lftp/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 lftp: lftp (command line file transfer program)
 lftp:
 lftp: lftp is a program that allows sophisticated ftp and http connections
-lftp: to other hosts.  lftp can handle many file access methods including
-lftp: ftp, ftps, http, https, hftp, fish and file.  Every operation in lftp
+lftp: to other hosts. lftp can handle many file access methods including
+lftp: ftp, ftps, http, https, hftp, fish and file. Every operation in lftp
 lftp: is reliable, that is any non-fatal error is ignored and the operation
-lftp: is retried.  lftp has shell-like command syntax.  lftp has a built in
+lftp: is retried. lftp has shell-like command syntax. lftp has a built in
 lftp: mirror feature which can download or upload a whole directory tree.
-lftp: To learn about many more features of lftp, see 'man lftp'.
 lftp:
+lftp: Homepage: http://lftp.tech
 lftp:
diff --git a/source/n/libassuan/libassuan.SlackBuild b/source/n/libassuan/libassuan.SlackBuild
index 5cc18b9df..aef87965e 100755
--- a/source/n/libassuan/libassuan.SlackBuild
+++ b/source/n/libassuan/libassuan.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006-2007, 2014  Robby Workman, Tuscaloosa, AL, USA
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,9 +21,11 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libassuan
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,11 +37,18 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
-PKG=$TMP/pkg-$PKGNAM
+PKG=$TMP/package-$PKGNAM
 
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
@@ -60,7 +69,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
 tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1
-cd $PKGNAM-$VERSION
+cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -76,11 +85,14 @@ CXXFLAGS="$SLKCFLAGS" \
   --infodir=/usr/info \
   --mandir=/usr/man \
   --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --host=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
diff --git a/source/n/libassuan/slack-desc b/source/n/libassuan/slack-desc
index 59be53b1f..8b793f6f9 100644
--- a/source/n/libassuan/slack-desc
+++ b/source/n/libassuan/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libgcrypt/libgcrypt.SlackBuild b/source/n/libgcrypt/libgcrypt.SlackBuild
index 1188af890..9441d67b1 100755
--- a/source/n/libgcrypt/libgcrypt.SlackBuild
+++ b/source/n/libgcrypt/libgcrypt.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006-2009  Robby Workman, Northport, AL, USA
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,10 +21,11 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=libgcrypt
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,9 +37,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -61,7 +69,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
 tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1
-cd $PKGNAM-$VERSION
+cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -82,10 +90,13 @@ CXXFLAGS="$SLKCFLAGS" \
   --program-prefix="" \
   --program-suffix="" \
   --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --host=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
+
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
 
 # Move the shared library to $PKG/lib${LIBDIRSUFFIX}:
 mkdir -p $PKG/lib${LIBDIRSUFFIX}
diff --git a/source/n/libgcrypt/slack-desc b/source/n/libgcrypt/slack-desc
index 365fab642..dc29e6871 100644
--- a/source/n/libgcrypt/slack-desc
+++ b/source/n/libgcrypt/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libgpg-error/libgpg-error.SlackBuild b/source/n/libgpg-error/libgpg-error.SlackBuild
index c47d98138..8e3f05adf 100755
--- a/source/n/libgpg-error/libgpg-error.SlackBuild
+++ b/source/n/libgpg-error/libgpg-error.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006, 2009  Robby Workman, Northport, AL, USA
-# Copyright 2007, 2008, 2009, 2010, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,6 +21,7 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=libgpg-error
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
@@ -36,9 +37,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -80,10 +88,13 @@ CXXFLAGS="$SLKCFLAGS" \
   --enable-shared=yes \
   --enable-static=no \
   --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --host=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
+
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
 
 # Move the shared library to $PKG/lib${LIBDIRSUFFIX}:
 mkdir -p $PKG/lib${LIBDIRSUFFIX}
diff --git a/source/n/libgpg-error/slack-desc b/source/n/libgpg-error/slack-desc
index 1d0969cd8..71a3e9807 100644
--- a/source/n/libgpg-error/slack-desc
+++ b/source/n/libgpg-error/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
 libgpg-error: libgpg-error (GnuPG Error Definitions Library)
 libgpg-error:
 libgpg-error: This is a library that defines common error values for all GnuPG
-libgpg-error: components.  Among these are GPG, GPGSM, GPGME, GPG-Agent, 
+libgpg-error: components. Among these are GPG, GPGSM, GPGME, GPG-Agent, 
 libgpg-error: libgcrypt, Libksba, DirMngr, Pinentry, SmartCard Daemon, and more.
 libgpg-error:
 libgpg-error:
diff --git a/source/n/libksba/libksba.SlackBuild b/source/n/libksba/libksba.SlackBuild
index de5c14410..9dcfe4913 100755
--- a/source/n/libksba/libksba.SlackBuild
+++ b/source/n/libksba/libksba.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006,2009, 2014  Robby Workman, Northport, AL, USA
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,9 +21,11 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libksba
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,11 +37,18 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
-PKG=$TMP/pkg-$PKGNAM
+PKG=$TMP/package-$PKGNAM
 
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
@@ -60,7 +69,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
 tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1
-cd $PKGNAM-$VERSION
+cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -80,11 +89,13 @@ CXXFLAGS="$SLKCFLAGS" \
   --docdir=/usr/doc/$PKGNAM-$VERSION \
   --enable-shared=yes \
   --enable-static=no \
-  --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
+
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/libksba/slack-desc b/source/n/libksba/slack-desc
index aef06478d..5e4b91d1e 100644
--- a/source/n/libksba/slack-desc
+++ b/source/n/libksba/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libmbim/libmbim.SlackBuild b/source/n/libmbim/libmbim.SlackBuild
index 9fda168d7..334fbad60 100755
--- a/source/n/libmbim/libmbim.SlackBuild
+++ b/source/n/libmbim/libmbim.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libmbim
 
@@ -22,6 +22,8 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libmbim
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-2}
@@ -38,6 +40,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -52,7 +62,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
diff --git a/source/n/libmbim/slack-desc b/source/n/libmbim/slack-desc
index 8cbdf63a9..e11fd92c4 100644
--- a/source/n/libmbim/slack-desc
+++ b/source/n/libmbim/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
        |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libmilter/libmilter.SlackBuild b/source/n/libmilter/libmilter.SlackBuild
new file mode 100755
index 000000000..81a64f92e
--- /dev/null
+++ b/source/n/libmilter/libmilter.SlackBuild
@@ -0,0 +1,98 @@
+#!/bin/bash
+
+# Slackware build script for libmilter
+
+# Copyright 2017  Robby Workman, Tuscaloosa, Alabama, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=libmilter
+VERSION=${VERSION:-8.15.2}
+BUILD=${BUILD:-2}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) ARCH=i586 ;;
+    arm*) ARCH=arm ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+       *) ARCH=$( uname -m ) ;;
+  esac
+fi
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+  LIBDIRSUFFIX="64"
+else
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
+fi
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+cd $TMP
+rm -rf sendmail-$VERSION
+tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1
+cd sendmail-$VERSION || exit 1
+
+chown -R root:root .
+find -L . \
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+  -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+  -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+# http://foss.jose-marcio.org/wiki/doku.php/doc/installation/start#libmilter
+cat $CWD/site.config.m4 | sed "s,@LIBDIRSUFFIX@,$LIBDIRSUFFIX," \
+  > devtools/Site/site.config.m4
+
+mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} $PKG/usr/include/$PKGNAM
+make -C $PKGNAM O="$SLKCFLAGS" install DESTDIR=$PKG || exit 1
+
+# Change a couple of root:bin ownerships (the .a and includes) to root:root:
+chown -R root:root $PKG
+
+# Add a documentation directory:
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
+cp -a LICENSE libmilter/README libmilter/docs/* $PKG/usr/doc/$PKGNAM-$VERSION
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
diff --git a/source/n/libmilter/site.config.m4 b/source/n/libmilter/site.config.m4
new file mode 100644
index 000000000..5e95b2018
--- /dev/null
+++ b/source/n/libmilter/site.config.m4
@@ -0,0 +1,6 @@
+APPENDDEF(`conf_libmilter_ENVDEF',`-DNETINET6=1')
+APPENDDEF(`conf_libmilter_ENVDEF',`-D_FFR_WORKERS_POOL=1 -DMIN_WORKERS=4')
+APPENDDEF(`conf_libmilter_ENVDEF',`-DSM_CONF_POLL=1')
+APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER')
+APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ')
+APPENDDEF(`confLIBDIR', `/usr/lib@LIBDIRSUFFIX@ ')
diff --git a/source/n/libmilter/slack-desc b/source/n/libmilter/slack-desc
new file mode 100644
index 000000000..aa1455b02
--- /dev/null
+++ b/source/n/libmilter/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+         |-----handy-ruler------------------------------------------------------|
+libmilter: libmilter (sendmail Mail Filter API)
+libmilter:
+libmilter: The sendmail Mail Filter API (Milter) is designed to allow third
+libmilter: party programs access to mail messages as they are being processed 
+libmilter: in order to filter meta-information and content. 
+libmilter:
+libmilter:
+libmilter:
+libmilter:
+libmilter:
+libmilter:
diff --git a/source/n/libmnl/libmnl.SlackBuild b/source/n/libmnl/libmnl.SlackBuild
index d693bb371..e38a471e7 100755
--- a/source/n/libmnl/libmnl.SlackBuild
+++ b/source/n/libmnl/libmnl.SlackBuild
@@ -1,8 +1,8 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libmnl
 
-# Copyright 2013  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2013, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # Copyright 2013  Robby Workman, Northport, Alabama, USA
 # All rights reserved.
 #
@@ -23,24 +23,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libmnl
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -53,7 +63,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -89,6 +98,16 @@ make install DESTDIR=$PKG || exit 1
 
 rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la
 
+# Move the shared library to $PKG/lib${LIBDIRSUFFIX}:
+mkdir -p $PKG/lib${LIBDIRSUFFIX}
+( cd $PKG/usr/lib${LIBDIRSUFFIX}
+  for file in lib*.so.?.* ; do
+    mv $file ../../lib${LIBDIRSUFFIX}
+    ln -sf ../../lib${LIBDIRSUFFIX}/$file .
+  done
+  cp -a lib*.so.? ../../lib${LIBDIRSUFFIX}
+)
+
 find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \
   grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
 
diff --git a/source/n/libmnl/slack-desc b/source/n/libmnl/slack-desc
index 8a96e06b7..b4d585a5f 100644
--- a/source/n/libmnl/slack-desc
+++ b/source/n/libmnl/slack-desc
@@ -2,16 +2,16 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
       |-----handy-ruler------------------------------------------------------|
 libmnl: libmnl (user-space library oriented to Netlink developers)
 libmnl:
 libmnl: libmnl is a minimalistic user-space library oriented to Netlink
-libmnl: developers.  There are a lot of common tasks in parsing, validating,
+libmnl: developers. There are a lot of common tasks in parsing, validating,
 libmnl: constructing of both the Netlink header and TLVs that are repetitive
-libmnl: and easy to get wrong.  This library aims to provide simple helpers
+libmnl: and easy to get wrong. This library aims to provide simple helpers
 libmnl: that allows you to re-use code and to avoid re-inventing the wheel.
 libmnl:
 libmnl: Homepage: http://www.netfilter.org/projects/libmnl/
diff --git a/source/n/libndp/libndp.SlackBuild b/source/n/libndp/libndp.SlackBuild
index c29cbda4a..8aae6f1be 100755
--- a/source/n/libndp/libndp.SlackBuild
+++ b/source/n/libndp/libndp.SlackBuild
@@ -1,9 +1,9 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libndp
 
 # Copyright 2014  Robby Workman, Northport, Alabama, USA
-# Copyright 2015, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2015, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -23,9 +23,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libndp
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
@@ -35,7 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -78,11 +87,14 @@ CXXFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --disable-static \
   --docdir=/usr/doc/$PKGNAM-$VERSION \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \
   grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
 
diff --git a/source/n/libndp/slack-desc b/source/n/libndp/slack-desc
index 9808c0d41..408480d1d 100644
--- a/source/n/libndp/slack-desc
+++ b/source/n/libndp/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
       |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild b/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild
index 6639271a8..0d709201e 100755
--- a/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild
+++ b/source/n/libnetfilter_acct/libnetfilter_acct.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnetfilter_acct
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnetfilter_acct
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/libnetfilter_acct/slack-desc b/source/n/libnetfilter_acct/slack-desc
index e8b8a4371..bef8839ec 100644
--- a/source/n/libnetfilter_acct/slack-desc
+++ b/source/n/libnetfilter_acct/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
                  |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild b/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild
index 29f58a239..22afe73cf 100755
--- a/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild
+++ b/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnetfilter_conntrack
 
@@ -22,8 +22,10 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnetfilter_conntrack
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -38,7 +40,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -60,7 +69,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION
 chown -R root:root .
 find . \
diff --git a/source/n/libnetfilter_conntrack/slack-desc b/source/n/libnetfilter_conntrack/slack-desc
index 1bd1a5785..c22407cd6 100644
--- a/source/n/libnetfilter_conntrack/slack-desc
+++ b/source/n/libnetfilter_conntrack/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
                       |-----handy-ruler------------------------------------------------------|
@@ -13,7 +13,7 @@ libnetfilter_conntrack: interface (API) to the in-kernel connection tracking sta
 libnetfilter_conntrack: This library is currently used by conntrack-tools and many other
 libnetfilter_conntrack: applications.
 libnetfilter_conntrack:
-libnetfilter_conntrack:
+libnetfilter_conntrack: Homepage: https://www.netfilter.org/projects/libnetfilter_conntrack
 libnetfilter_conntrack:
 libnetfilter_conntrack:
 libnetfilter_conntrack:
diff --git a/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild b/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild
index e11413056..2bf3822fc 100755
--- a/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild
+++ b/source/n/libnetfilter_cthelper/libnetfilter_cthelper.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnetfilter_cthelper
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnetfilter_cthelper
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/libnetfilter_cthelper/slack-desc b/source/n/libnetfilter_cthelper/slack-desc
index 818240651..63b257976 100644
--- a/source/n/libnetfilter_cthelper/slack-desc
+++ b/source/n/libnetfilter_cthelper/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                      |-----handy-ruler------------------------------------------------------|
@@ -11,7 +11,7 @@ libnetfilter_cthelper:
 libnetfilter_cthelper: Connection tracking helpers allows you to filter multi-flow protocols
 libnetfilter_cthelper: that usually separate control and data traffic into different flows.
 libnetfilter_cthelper: This is the case of application protocols like FTP, SIP and H.323 that
-libnetfilter_cthelper: are already supported by Netfilter.  These helpers are implemented in
+libnetfilter_cthelper: are already supported by Netfilter. These helpers are implemented in
 libnetfilter_cthelper: kernel-space.
 libnetfilter_cthelper:
 libnetfilter_cthelper:
diff --git a/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild b/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild
index 6ab035263..47168d76e 100755
--- a/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild
+++ b/source/n/libnetfilter_cttimeout/libnetfilter_cttimeout.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnetfilter_cttimeout
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnetfilter_cttimeout
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/libnetfilter_cttimeout/slack-desc b/source/n/libnetfilter_cttimeout/slack-desc
index cd7ab0dcc..7afb50083 100644
--- a/source/n/libnetfilter_cttimeout/slack-desc
+++ b/source/n/libnetfilter_cttimeout/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                       |-----handy-ruler------------------------------------------------------|
@@ -10,7 +10,7 @@ libnetfilter_cttimeout: libnetfilter_cttimeout (connection tracking timeout libr
 libnetfilter_cttimeout:
 libnetfilter_cttimeout: libnetfilter_cttimeout is the userspace library that provides the
 libnetfilter_cttimeout: programming interface to the fine-grain connection tracking timeout
-libnetfilter_cttimeout: infrastructure.  With this library, you can create, update and delete
+libnetfilter_cttimeout: infrastructure. With this library, you can create, update and delete
 libnetfilter_cttimeout: timeout policies that can be attached to traffic flows.
 libnetfilter_cttimeout:
 libnetfilter_cttimeout:
diff --git a/source/n/libnetfilter_log/libnetfilter_log.SlackBuild b/source/n/libnetfilter_log/libnetfilter_log.SlackBuild
index 6b91e21bb..20fecfca3 100755
--- a/source/n/libnetfilter_log/libnetfilter_log.SlackBuild
+++ b/source/n/libnetfilter_log/libnetfilter_log.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnetfilter_log
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnetfilter_log
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/libnetfilter_log/slack-desc b/source/n/libnetfilter_log/slack-desc
index 6af9c7541..42ec54ec7 100644
--- a/source/n/libnetfilter_log/slack-desc
+++ b/source/n/libnetfilter_log/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                 |-----handy-ruler------------------------------------------------------|
 libnetfilter_log: libnetfilter_log (userspace packet logging library)
 libnetfilter_log:
 libnetfilter_log: libnetfilter_log is a userspace library providing interface to
-libnetfilter_log: packets that have been logged by the kernel packet filter.  It is
+libnetfilter_log: packets that have been logged by the kernel packet filter. It is
 libnetfilter_log: part of a system that deprecates the old syslog/dmesg based packet
-libnetfilter_log: logging.  This library has been previously known as libnfnetlink_log.
+libnetfilter_log: logging. This library has been previously known as libnfnetlink_log.
 libnetfilter_log:
 libnetfilter_log: Homepage: http://www.netfilter.org/projects/libnetfilter_log/
 libnetfilter_log:
diff --git a/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild b/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild
index 1e64432b5..149d3180e 100755
--- a/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild
+++ b/source/n/libnetfilter_queue/libnetfilter_queue.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnetfilter_queue
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnetfilter_queue
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/libnetfilter_queue/slack-desc b/source/n/libnetfilter_queue/slack-desc
index b43b8fe5f..a95881333 100644
--- a/source/n/libnetfilter_queue/slack-desc
+++ b/source/n/libnetfilter_queue/slack-desc
@@ -2,14 +2,14 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
                   |-----handy-ruler------------------------------------------------------|
 libnetfilter_queue: libnetfilter_queue (userspace API for netfilter packet queueing)
 libnetfilter_queue:
 libnetfilter_queue: libnetfilter_queue is a userspace library providing an API to packets
-libnetfilter_queue: that have been queued by the kernel packet filter.  It is part of a 
+libnetfilter_queue: that have been queued by the kernel packet filter. It is part of a 
 libnetfilter_queue: system that deprecates the old ip_queue / libipq mechanism.
 libnetfilter_queue:
 libnetfilter_queue: libnetfilter_queue has been previously known as libnfnetlink_queue. 
diff --git a/source/n/libnfnetlink/libnfnetlink.SlackBuild b/source/n/libnfnetlink/libnfnetlink.SlackBuild
index 8aa62de44..8d3a1446d 100755
--- a/source/n/libnfnetlink/libnfnetlink.SlackBuild
+++ b/source/n/libnfnetlink/libnfnetlink.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libnfnetlink
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnfnetlink
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/libnfnetlink/slack-desc b/source/n/libnfnetlink/slack-desc
index 35dbc7459..af5fa4f2f 100644
--- a/source/n/libnfnetlink/slack-desc
+++ b/source/n/libnfnetlink/slack-desc
@@ -2,14 +2,14 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
             |-----handy-ruler------------------------------------------------------|
 libnfnetlink: libnfnetlink (library for netfilter kernel/userspace comm)
 libnfnetlink: 
 libnfnetlink: libnfnetlink is the low-level library for netfilter related 
-libnfnetlink: kernel/userspace communication.  It provides a generic messaging
+libnfnetlink: kernel/userspace communication. It provides a generic messaging
 libnfnetlink: infrastructure for in-kernel netfilter subsystems (such as 
 libnfnetlink: nfnetlink_log, nfnetlink_queue, nfnetlink_conntrack) and their 
 libnfnetlink: respective users and/or management tools in userspace.
diff --git a/source/n/libnftnl/libnftnl.SlackBuild b/source/n/libnftnl/libnftnl.SlackBuild
index 8f1cca8cc..5dc043563 100755
--- a/source/n/libnftnl/libnftnl.SlackBuild
+++ b/source/n/libnftnl/libnftnl.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2014  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2014, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libnftnl
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.lz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -59,7 +68,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+tar xf $CWD/$PKGNAM-$VERSION.tar.lz || exit 1
 cd $PKGNAM-$VERSION || exit 1
 
 chown -R root:root .
diff --git a/source/n/libnftnl/slack-desc b/source/n/libnftnl/slack-desc
index 2b30721c0..8ad405266 100644
--- a/source/n/libnftnl/slack-desc
+++ b/source/n/libnftnl/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
         |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libqmi/libqmi.SlackBuild b/source/n/libqmi/libqmi.SlackBuild
index 826fc32b1..3c35af38a 100755
--- a/source/n/libqmi/libqmi.SlackBuild
+++ b/source/n/libqmi/libqmi.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for libqmi
 
@@ -22,24 +22,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libqmi
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -52,7 +62,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
diff --git a/source/n/libqmi/slack-desc b/source/n/libqmi/slack-desc
index bdbc0eb71..108c67239 100644
--- a/source/n/libqmi/slack-desc
+++ b/source/n/libqmi/slack-desc
@@ -2,7 +2,7 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
        |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/libtirpc/libtirpc.SlackBuild b/source/n/libtirpc/libtirpc.SlackBuild
index 997dd8137..ba4d01cca 100755
--- a/source/n/libtirpc/libtirpc.SlackBuild
+++ b/source/n/libtirpc/libtirpc.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2015, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -26,8 +26,10 @@
 # Remark:   Kerberos 5, remove '--disable-gssapi' from the configure flags
 # Remark:   below and rebuild.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=libtirpc
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-2}
 
 # To build with GSS support (requires Kerberos 5 libraries), pass any value
@@ -45,6 +47,14 @@ if [ -z "$ARCH" ]; then
   export ARCH
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i386" ]; then
@@ -73,7 +83,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -82,8 +91,8 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
-cd $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
+cd $PKGNAM-$VERSION || exit 1
 
 chown -R root:root .
 find . \
@@ -108,12 +117,15 @@ CFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --disable-static \
   $GSSAPI \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 # Build and install:
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 # Make etc/netconfig file a .new:
 mv $PKG/etc/netconfig $PKG/etc/netconfig.new
 
diff --git a/source/n/libtirpc/slack-desc b/source/n/libtirpc/slack-desc
index 426c79175..11f36f2e6 100644
--- a/source/n/libtirpc/slack-desc
+++ b/source/n/libtirpc/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 libtirpc: libtirpc (Transport-Independent RPC library)
 libtirpc:
 libtirpc: Libtirpc is a port of Sun's Transport-Independent RPC library to
-libtirpc: Linux.  It is being developed by Bull GNU/Linux NFSv4 project.
+libtirpc: Linux. It is being developed by Bull GNU/Linux NFSv4 project.
 libtirpc:
 libtirpc: You will need this library if you plan to use RPC with a GLIBC
 libtirpc: version newer than 2.13, because the RPC stack has been removed
-libtirpc: from GLIBC versions newer than 2.13.  The library is required
+libtirpc: from GLIBC versions newer than 2.13. The library is required
 libtirpc: by the 'rpcbind' package.
 libtirpc:
 libtirpc: http://sourceforge.net/projects/libtirpc/
diff --git a/source/n/links/links.SlackBuild b/source/n/links/links.SlackBuild
index be6dac9e6..7de324090 100755
--- a/source/n/links/links.SlackBuild
+++ b/source/n/links/links.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=links
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
@@ -34,9 +36,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-links
 
@@ -54,7 +63,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf links-$VERSION
-tar xvf $CWD/links-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/links-$VERSION.tar.?z || exit 1
 cd links-$VERSION || exit 1
 chown -R root:root .
 find . \
@@ -70,11 +79,9 @@ CFLAGS="$SLKCFLAGS" \
 ./configure \
   --prefix=/usr \
   --sysconfdir=/etc \
-  --enable-javascript \
   --enable-graphics \
-  --without-x \
-  --without-sdl \
-  --build=$ARCH-slackware-linux
+  --with-ssl \
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 
diff --git a/source/n/links/links.url b/source/n/links/links.url
new file mode 100644
index 000000000..b43a0c301
--- /dev/null
+++ b/source/n/links/links.url
@@ -0,0 +1 @@
+http://links.twibright.com/download
diff --git a/source/n/links/slack-desc b/source/n/links/slack-desc
index 0d6b14bbd..b510ea66e 100644
--- a/source/n/links/slack-desc
+++ b/source/n/links/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
@@ -10,7 +10,7 @@ links: links (WWW browser for the console)
 links:
 links: Links is a console mode WWW browser, supporting colors, correct table
 links: rendering, background downloading, frames, Javascript, and a menu
-links: driven configuration interface.  The default is text output, but
+links: driven configuration interface. The default is text output, but
 links: graphical output (using -g) is also supported using the Linux
 links: framebuffer console or SVGAlib.
 links:
diff --git a/source/n/lynx/doinst.sh b/source/n/lynx/doinst.sh
new file mode 100644
index 000000000..79c367133
--- /dev/null
+++ b/source/n/lynx/doinst.sh
@@ -0,0 +1,13 @@
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+config etc/lynx.cfg.new
diff --git a/source/n/lynx/lynx-CVE-2008-4690.patch b/source/n/lynx/lynx-CVE-2008-4690.patch
new file mode 100644
index 000000000..a0a6a3206
--- /dev/null
+++ b/source/n/lynx/lynx-CVE-2008-4690.patch
@@ -0,0 +1,61 @@
+From c60c227ab9a36246730d7454e33d40d2c66c88b3 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Wed, 13 Feb 2013 15:26:22 +0100
+Subject: [PATCH] fix CVE-2008-4690
+
+prompt user before executing command via a lynxcgi link even in advanced mode,
+as the actual URL may not be shown but hidden behind an HTTP redirect and set
+TRUSTED_LYNXCGI:none in lynx.cfg to disable all lynxcgi URLs by default
+---
+ CHANGES     |    7 +++++++
+ lynx.cfg    |    2 +-
+ src/LYCgi.c |    2 +-
+ 3 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/CHANGES b/CHANGES
+index 360be68..8eca013 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -1237,6 +1237,13 @@ Changes since Lynx 2.8 release
+ * update win32 makefiles/build scripts to add LYmktime, parsdate modules -TD
+ * update config.guess (2008-04-14), config.sub (2008-06-16)
+ 
++2008-10-26
++* modify patch for CVE-2005-2929 to prompt user before executing command via
++  a lynxcgi link even in advanced mode, as the actual URL may not be shown but
++  hidden behind an HTTP redirect
++* set TRUSTED_LYNXCGI:none in lynx.cfg to disable all lynxcgi URLs by default
++  [CVE-2008-4690]
++
+ 2008-09-21 (2.8.7dev.10)
+ * remove rw.po, since the translation project no longer supplies it -TD
+ * implement "readonly" attribute for TEXTAREA and TEXT fields -TD
+diff --git a/lynx.cfg b/lynx.cfg
+index ee2aad3..144050d 100644
+--- a/lynx.cfg
++++ b/lynx.cfg
+@@ -1087,7 +1087,7 @@ CHARACTER_SET:utf-8
+ #
+ # The default TRUSTED_LYNXCGI rule is "none".
+ #
+-#TRUSTED_LYNXCGI:none
++TRUSTED_LYNXCGI:none
+ 
+ .h2 LYNXCGI_ENVIRONMENT
+ # Unix:
+diff --git a/src/LYCgi.c b/src/LYCgi.c
+index 832bb89..0ae8a7e 100644
+--- a/src/LYCgi.c
++++ b/src/LYCgi.c
+@@ -167,7 +167,7 @@ static BOOL can_exec_cgi(const char *linktext, const char *linkargs)
+     if (!exec_ok(HTLoadedDocumentURL(), linktext, CGI_PATH)) {
+ 	/* exec_ok gives out msg. */
+ 	result = FALSE;
+-    } else {
++    } else if (user_mode < ADVANCED_MODE) {
+ 	StrAllocCopy(command, linktext);
+ 	if (non_empty(linkargs)) {
+ 	    HTSprintf(&command, " %s", linkargs);
+-- 
+1.7.1
+
diff --git a/source/n/lynx/lynx.SlackBuild b/source/n/lynx/lynx.SlackBuild
index 9ee032f9a..721c4afe7 100755
--- a/source/n/lynx/lynx.SlackBuild
+++ b/source/n/lynx/lynx.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012, 2016  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2012, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-PKGVER=2.8.8rel.2
-DIRVER=2-8-8
+PKGNAM=lynx
+PKGVER=2.8.9dev.19
+DIRVER=2.8.9dev.19
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -37,6 +39,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$PKGVER-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -51,7 +61,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-lynx
 
@@ -70,7 +79,9 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
-# Apply recolorizing patch:
+zcat $CWD/lynx-CVE-2008-4690.patch.gz | patch -p1 --verbose || exit 1
+
+# Change default colors:
 zcat $CWD/lynx.cfg.diff.gz | patch -p1 --verbose --backup || exit 1
 
 CFLAGS="$SLKCFLAGS" \
@@ -117,6 +128,9 @@ make install DESTDIR=$PKG || exit 1
 make install-help DESTDIR=$PKG || exit 1
 make install-doc DESTDIR=$PKG || exit 1
 
+# Make lynx.cfg a preserved config file:
+mv $PKG/etc/lynx.cfg $PKG/etc/lynx.cfg.new
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
@@ -144,6 +158,7 @@ fi
 gzip -9 $PKG/usr/man/man?/*.?
 
 mkdir -p $PKG/install
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
diff --git a/source/n/lynx/lynx.cfg.diff b/source/n/lynx/lynx.cfg.diff
index c7ab6257f..244dbd02c 100644
--- a/source/n/lynx/lynx.cfg.diff
+++ b/source/n/lynx/lynx.cfg.diff
@@ -1,7 +1,6 @@
-diff -Nur lynx2-8-7.orig/lynx.cfg lynx2-8-7/lynx.cfg
---- lynx2-8-7.orig/lynx.cfg	2009-06-23 18:53:58.000000000 -0500
-+++ lynx2-8-7/lynx.cfg	2009-12-03 15:35:18.744461098 -0600
-@@ -3025,8 +3025,18 @@
+--- ./lynx.cfg.orig	2014-03-09 16:43:10.000000000 -0500
++++ ./lynx.cfg	2017-05-29 14:35:52.629203408 -0500
+@@ -2969,8 +2969,18 @@
  #COLOR:4:magenta:white
  #COLOR:5:blue:white
  #COLOR:6:red:white
@@ -19,5 +18,5 @@ diff -Nur lynx2-8-7.orig/lynx.cfg lynx2-8-7/lynx.cfg
 +COLOR:6:brightred:black
 +COLOR:7:magenta:cyan
  
- 
  .h2 COLOR_STYLE
+ # Also known as "lss" (lynx style-sheet), the color-style file assigns color
diff --git a/source/n/lynx/slack-desc b/source/n/lynx/slack-desc
index c9209d298..7005f7ba4 100644
--- a/source/n/lynx/slack-desc
+++ b/source/n/lynx/slack-desc
@@ -1,18 +1,18 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 lynx: Lynx (text mode browser)
 lynx:
 lynx: Lynx is a distributed hypertext browser with full World Wide Web
-lynx: capabilities.  Lynx can be used to access information on the World 
+lynx: capabilities. Lynx can be used to access information on the World 
 lynx: Wide Web, or to build information systems intended primarily for local
-lynx: access.  For example, Lynx has been used to build several Campus Wide
-lynx: Information Systems (CWIS).  
+lynx: access. For example, Lynx has been used to build several Campus Wide
+lynx: Information Systems (CWIS). 
 lynx:
 lynx: Lynx's authors include Lou Montulli, Garrett Blythe, Craig Lavender,
 lynx: Michael Grobe, and Charles Rezac.
diff --git a/source/n/mailx/heirloom-mailx-12.5-fixes-1.patch b/source/n/mailx/heirloom-mailx-12.5-fixes-1.patch
deleted file mode 100644
index fa6d51197..000000000
--- a/source/n/mailx/heirloom-mailx-12.5-fixes-1.patch
+++ /dev/null
@@ -1,232 +0,0 @@
-Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
-Date: 2014-12-27
-Initial Package Version: 12.5
-Upstream Status: Unknown
-Origin: Changes to remove SSL2 found at debian, remainder from redhat.
-Description: Removes support for SSL2 (openssl no longer supports it)
-and fixes CVE-2004-2771 [sic] and CVE-2014-7844.
-
-diff -Naur heirloom-mailx-12.5/extern.h heirloom-mailx-12.5-patched/extern.h
---- heirloom-mailx-12.5/extern.h	2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/extern.h	2014-12-27 01:26:59.654169487 +0000
-@@ -396,7 +396,7 @@
- int is_fileaddr(char *name);
- struct name *usermap(struct name *names);
- struct name *cat(struct name *n1, struct name *n2);
--char **unpack(struct name *np);
-+char **unpack(struct name *smopts, struct name *np);
- struct name *elide(struct name *names);
- int count(struct name *np);
- struct name *delete_alternates(struct name *np);
-diff -Naur heirloom-mailx-12.5/fio.c heirloom-mailx-12.5-patched/fio.c
---- heirloom-mailx-12.5/fio.c	2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/fio.c	2014-12-27 01:27:15.634561413 +0000
-@@ -43,12 +43,15 @@
- #endif /* not lint */
- 
- #include "rcv.h"
-+
-+#ifndef HAVE_WORDEXP
-+#error wordexp support is required
-+#endif
-+
- #include <sys/stat.h>
- #include <sys/file.h>
- #include <sys/wait.h>
--#ifdef	HAVE_WORDEXP
- #include <wordexp.h>
--#endif	/* HAVE_WORDEXP */
- #include <unistd.h>
- 
- #if defined (USE_NSS)
-@@ -481,7 +484,6 @@
- static char *
- globname(char *name)
- {
--#ifdef	HAVE_WORDEXP
- 	wordexp_t we;
- 	char *cp;
- 	sigset_t nset;
-@@ -495,7 +497,7 @@
- 	sigemptyset(&nset);
- 	sigaddset(&nset, SIGCHLD);
- 	sigprocmask(SIG_BLOCK, &nset, NULL);
--	i = wordexp(name, &we, 0);
-+	i = wordexp(name, &we, WRDE_NOCMD);
- 	sigprocmask(SIG_UNBLOCK, &nset, NULL);
- 	switch (i) {
- 	case 0:
-@@ -527,65 +529,6 @@
- 	}
- 	wordfree(&we);
- 	return cp;
--#else	/* !HAVE_WORDEXP */
--	char xname[PATHSIZE];
--	char cmdbuf[PATHSIZE];		/* also used for file names */
--	int pid, l;
--	char *cp, *shell;
--	int pivec[2];
--	extern int wait_status;
--	struct stat sbuf;
--
--	if (pipe(pivec) < 0) {
--		perror("pipe");
--		return name;
--	}
--	snprintf(cmdbuf, sizeof cmdbuf, "echo %s", name);
--	if ((shell = value("SHELL")) == NULL)
--		shell = SHELL;
--	pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NULL);
--	if (pid < 0) {
--		close(pivec[0]);
--		close(pivec[1]);
--		return NULL;
--	}
--	close(pivec[1]);
--again:
--	l = read(pivec[0], xname, sizeof xname);
--	if (l < 0) {
--		if (errno == EINTR)
--			goto again;
--		perror("read");
--		close(pivec[0]);
--		return NULL;
--	}
--	close(pivec[0]);
--	if (wait_child(pid) < 0 && WTERMSIG(wait_status) != SIGPIPE) {
--		fprintf(stderr, catgets(catd, CATSET, 81,
--				"\"%s\": Expansion failed.\n"), name);
--		return NULL;
--	}
--	if (l == 0) {
--		fprintf(stderr, catgets(catd, CATSET, 82,
--					"\"%s\": No match.\n"), name);
--		return NULL;
--	}
--	if (l == sizeof xname) {
--		fprintf(stderr, catgets(catd, CATSET, 83,
--				"\"%s\": Expansion buffer overflow.\n"), name);
--		return NULL;
--	}
--	xname[l] = 0;
--	for (cp = &xname[l-1]; *cp == '\n' && cp > xname; cp--)
--		;
--	cp[1] = '\0';
--	if (strchr(xname, ' ') && stat(xname, &sbuf) < 0) {
--		fprintf(stderr, catgets(catd, CATSET, 84,
--				"\"%s\": Ambiguous.\n"), name);
--		return NULL;
--	}
--	return savestr(xname);
--#endif	/* !HAVE_WORDEXP */
- }
- 
- /*
-diff -Naur heirloom-mailx-12.5/mailx.1 heirloom-mailx-12.5-patched/mailx.1
---- heirloom-mailx-12.5/mailx.1	2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/mailx.1	2014-12-27 01:26:53.838026857 +0000
-@@ -656,6 +656,14 @@
- will have the system wide alias expanded
- as all mail goes through sendmail.
- .SS "Recipient address specifications"
-+If the
-+.I expandaddr
-+option is not set (the default), recipient addresses must be names of
-+local mailboxes or Internet mail addresses.
-+.PP
-+If the
-+.I expandaddr
-+option is set, the following rules apply:
- When an address is used to name a recipient
- (in any of To, Cc, or Bcc),
- names of local mail folders
-@@ -2391,6 +2399,12 @@
- If this option is set,
- \fImailx\fR starts even with an empty mailbox.
- .TP
-+.B expandaddr
-+Causes
-+.I mailx
-+to expand message recipient addresses, as explained in the section,
-+Recipient address specifications.
-+.TP
- .B flipr
- Exchanges the
- .I Respond
-@@ -3575,7 +3589,7 @@
- .TP
- .B ssl-method
- Selects a SSL/TLS protocol version;
--valid values are `ssl2', `ssl3', and `tls1'.
-+valid values are `ssl3', and `tls1'.
- If unset, the method is selected automatically,
- if possible.
- .TP
-diff -Naur heirloom-mailx-12.5/names.c heirloom-mailx-12.5-patched/names.c
---- heirloom-mailx-12.5/names.c	2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/names.c	2014-12-27 01:26:59.654169487 +0000
-@@ -268,6 +268,9 @@
- 	FILE *fout, *fin;
- 	int ispipe;
- 
-+	if (value("expandaddr") == NULL)
-+		return names;
-+
- 	top = names;
- 	np = names;
- 	time(&now);
-@@ -546,7 +549,7 @@
-  * Return an error if the name list won't fit.
-  */
- char **
--unpack(struct name *np)
-+unpack(struct name *smopts, struct name *np)
- {
- 	char **ap, **top;
- 	struct name *n;
-@@ -561,7 +564,7 @@
- 	 * the terminating 0 pointer.  Additional spots may be needed
- 	 * to pass along -f to the host mailer.
- 	 */
--	extra = 2;
-+	extra = 3 + count(smopts);
- 	extra++;
- 	metoo = value("metoo") != NULL;
- 	if (metoo)
-@@ -578,6 +581,10 @@
- 		*ap++ = "-m";
- 	if (verbose)
- 		*ap++ = "-v";
-+	for (; smopts != NULL; smopts = smopts->n_flink)
-+		if ((smopts->n_type & GDEL) == 0)
-+			*ap++ = smopts->n_name;
-+	*ap++ = "--";
- 	for (; n != NULL; n = n->n_flink)
- 		if ((n->n_type & GDEL) == 0)
- 			*ap++ = n->n_name;
-diff -Naur heirloom-mailx-12.5/openssl.c heirloom-mailx-12.5-patched/openssl.c
---- heirloom-mailx-12.5/openssl.c	2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/openssl.c	2014-12-27 01:26:34.385549867 +0000
-@@ -216,9 +216,7 @@
- 
- 	cp = ssl_method_string(uhp);
- 	if (cp != NULL) {
--		if (equal(cp, "ssl2"))
--			method = SSLv2_client_method();
--		else if (equal(cp, "ssl3"))
-+		if (equal(cp, "ssl3"))
- 			method = SSLv3_client_method();
- 		else if (equal(cp, "tls1"))
- 			method = TLSv1_client_method();
-diff -Naur heirloom-mailx-12.5/sendout.c heirloom-mailx-12.5-patched/sendout.c
---- heirloom-mailx-12.5/sendout.c	2011-04-26 22:23:22.000000000 +0100
-+++ heirloom-mailx-12.5-patched/sendout.c	2014-12-27 01:26:59.654169487 +0000
-@@ -835,7 +835,7 @@
- #endif	/* HAVE_SOCKETS */
- 
- 	if ((smtp = value("smtp")) == NULL) {
--		args = unpack(cat(mailargs, to));
-+		args = unpack(mailargs, to);
- 		if (debug || value("debug")) {
- 			printf(catgets(catd, CATSET, 181,
- 					"Sendmail arguments:"));
diff --git a/source/n/mailx/mailx-12.5-globname-Invoke-wordexp-with-WRDE_NOCMD-CVE-2004-277.patch b/source/n/mailx/mailx-12.5-globname-Invoke-wordexp-with-WRDE_NOCMD-CVE-2004-277.patch
new file mode 100644
index 000000000..a7fb9d362
--- /dev/null
+++ b/source/n/mailx/mailx-12.5-globname-Invoke-wordexp-with-WRDE_NOCMD-CVE-2004-277.patch
@@ -0,0 +1,25 @@
+From 73fefa0c1ac70043ec84f2d8b8f9f683213f168d Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Mon, 17 Nov 2014 13:11:32 +0100
+Subject: [PATCH 4/4] globname: Invoke wordexp with WRDE_NOCMD (CVE-2004-2771)
+
+---
+ fio.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fio.c b/fio.c
+index 1529236..774a204 100644
+--- a/fio.c
++++ b/fio.c
+@@ -497,7 +497,7 @@ globname(char *name)
+ 	sigemptyset(&nset);
+ 	sigaddset(&nset, SIGCHLD);
+ 	sigprocmask(SIG_BLOCK, &nset, NULL);
+-	i = wordexp(name, &we, 0);
++	i = wordexp(name, &we, WRDE_NOCMD);
+ 	sigprocmask(SIG_UNBLOCK, &nset, NULL);
+ 	switch (i) {
+ 	case 0:
+-- 
+1.9.3
+
diff --git a/source/n/mailx/mailx-12.5-openssl.patch b/source/n/mailx/mailx-12.5-openssl.patch
new file mode 100644
index 000000000..210890bc4
--- /dev/null
+++ b/source/n/mailx/mailx-12.5-openssl.patch
@@ -0,0 +1,41 @@
+diff --git a/openssl.c b/openssl.c
+index b4e33fc..9d1eaf4 100644
+--- a/openssl.c
++++ b/openssl.c
+@@ -136,6 +136,7 @@ ssl_rand_init(void)
+ 	int state = 0;
+ 
+ 	if ((cp = value("ssl-rand-egd")) != NULL) {
++#ifndef OPENSSL_NO_EGD
+ 		cp = expand(cp);
+ 		if (RAND_egd(cp) == -1) {
+ 			fprintf(stderr, catgets(catd, CATSET, 245,
+@@ -143,6 +144,9 @@ ssl_rand_init(void)
+ 					cp);
+ 		} else
+ 			state = 1;
++#else
++		fprintf(stderr, "entropy daemon not available\n");
++#endif
+ 	} else if ((cp = value("ssl-rand-file")) != NULL) {
+ 		cp = expand(cp);
+ 		if (RAND_load_file(cp, 1024) == -1) {
+@@ -216,9 +220,16 @@ ssl_select_method(const char *uhp)
+ 
+ 	cp = ssl_method_string(uhp);
+ 	if (cp != NULL) {
+-		if (equal(cp, "ssl2"))
++		if (equal(cp, "ssl2")) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ 			method = SSLv2_client_method();
+-		else if (equal(cp, "ssl3"))
++#else
++	/* SSLv2 support was removed in OpenSSL 1.1.0 */
++			fprintf(stderr, catgets(catd, CATSET, 244,
++					"Unsupported SSL method \"%s\"\n"), cp);
++			method = SSLv23_client_method();
++#endif
++		} else if (equal(cp, "ssl3"))
+ 			method = SSLv3_client_method();
+ 		else if (equal(cp, "tls1"))
+ 			method = TLSv1_client_method();
diff --git a/source/n/mailx/mailx-12.5-outof-Introduce-expandaddr-flag.patch b/source/n/mailx/mailx-12.5-outof-Introduce-expandaddr-flag.patch
new file mode 100644
index 000000000..c3479e284
--- /dev/null
+++ b/source/n/mailx/mailx-12.5-outof-Introduce-expandaddr-flag.patch
@@ -0,0 +1,64 @@
+From 9984ae5cb0ea0d61df1612b06952a61323c083d9 Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Mon, 17 Nov 2014 11:13:38 +0100
+Subject: [PATCH 1/4] outof: Introduce expandaddr flag
+
+Document that address expansion is disabled unless the expandaddr
+binary option is set.
+
+This has been assigned CVE-2014-7844 for BSD mailx, but it is not
+a vulnerability in Heirloom mailx because this feature was documented.
+---
+ mailx.1 | 14 ++++++++++++++
+ names.c |  3 +++
+ 2 files changed, 17 insertions(+)
+
+diff --git a/mailx.1 b/mailx.1
+index 70a7859..22a171b 100644
+--- a/mailx.1
++++ b/mailx.1
+@@ -656,6 +656,14 @@ but any reply returned to the machine
+ will have the system wide alias expanded
+ as all mail goes through sendmail.
+ .SS "Recipient address specifications"
++If the
++.I expandaddr
++option is not set (the default), recipient addresses must be names of
++local mailboxes or Internet mail addresses.
++.PP
++If the
++.I expandaddr
++option is set, the following rules apply:
+ When an address is used to name a recipient
+ (in any of To, Cc, or Bcc),
+ names of local mail folders
+@@ -2391,6 +2399,12 @@ and exits immediately.
+ If this option is set,
+ \fImailx\fR starts even with an empty mailbox.
+ .TP
++.B expandaddr
++Causes
++.I mailx
++to expand message recipient addresses, as explained in the section,
++Recipient address specifications.
++.TP
+ .B flipr
+ Exchanges the
+ .I Respond
+diff --git a/names.c b/names.c
+index 66e976b..c69560f 100644
+--- a/names.c
++++ b/names.c
+@@ -268,6 +268,9 @@ outof(struct name *names, FILE *fo, struct header *hp)
+ 	FILE *fout, *fin;
+ 	int ispipe;
+ 
++	if (value("expandaddr") == NULL)
++		return names;
++
+ 	top = names;
+ 	np = names;
+ 	time(&now);
+-- 
+1.9.3
+
diff --git a/source/n/mailx/mailx.SlackBuild b/source/n/mailx/mailx.SlackBuild
index 1495b41ed..5f9835b93 100755
--- a/source/n/mailx/mailx.SlackBuild
+++ b/source/n/mailx/mailx.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=mailx
 VERSION=12.5
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -46,7 +56,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-mailx
 rm -rf $PKG
@@ -57,7 +66,9 @@ rm -rf mailx-$VERSION
 tar xvf $CWD/mailx-$VERSION.tar.?z* || exit 1
 cd mailx-$VERSION || exit 1
 
-zcat $CWD/heirloom-mailx-12.5-fixes-1.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/mailx-12.5-openssl.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/mailx-12.5-globname-Invoke-wordexp-with-WRDE_NOCMD-CVE-2004-277.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/mailx-12.5-outof-Introduce-expandaddr-flag.patch.gz | patch -p1 --verbose || exit 1
 
 chown -R root:root .
 find . \
@@ -71,7 +82,7 @@ make CFLAGS="$SLKCFLAGS" \
      MANDIR=/usr/man \
      MAILSPOOL=/var/spool/mail \
      UCBINSTALL=/usr/bin/install \
-     SENDMAIL=/usr/sbin/sendmail
+     SENDMAIL=/usr/sbin/sendmail || exit 1
 
 make install DESTDIR=$PKG \
              CFLAGS="$SLKCFLAGS" \
@@ -79,7 +90,7 @@ make install DESTDIR=$PKG \
              MANDIR=/usr/man \
              MAILSPOOL=/var/spool/mail \
              UCBINSTALL=/usr/bin/install \
-             SENDMAIL=/usr/sbin/sendmail
+             SENDMAIL=/usr/sbin/sendmail || exit 1
 
 # We put symlinks in /bin since some things still expect '/bin/mail' or '/bin/Mail':
 mkdir -p $PKG/bin
diff --git a/source/n/mailx/slack-desc b/source/n/mailx/slack-desc
index d02c6f03f..76c010d76 100644
--- a/source/n/mailx/slack-desc
+++ b/source/n/mailx/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/mcabber/mcabber.SlackBuild b/source/n/mcabber/mcabber.SlackBuild
index bef6c821b..35468c8f9 100755
--- a/source/n/mcabber/mcabber.SlackBuild
+++ b/source/n/mcabber/mcabber.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=mcabber
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-4}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -37,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
@@ -78,7 +86,7 @@ CFLAGS="$SLKCFLAGS" \
   --sysconfdir=/etc \
   --localstatedir=/var \
   --mandir=/usr/man \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 # Build and install:
 make $NUMJOBS || make || exit 1
diff --git a/source/n/mcabber/slack-desc b/source/n/mcabber/slack-desc
index e8cfe6653..2f3c5ad0c 100644
--- a/source/n/mcabber/slack-desc
+++ b/source/n/mcabber/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 mcabber: mcabber (Jabber console client)
 mcabber:
 mcabber: mcabber is a small Jabber console client for Linux, maintained by
-mcabber: Mikael Berthe.  Mcabber includes features such as SSL support,
+mcabber: Mikael Berthe. Mcabber includes features such as SSL support,
 mcabber: multi-user chat (MUC), history logging, commands completion, and
 mcabber: external actions triggers.
 mcabber:
-mcabber: mcabber project home is:  http://www.lilotux.net/~mikael/mcabber/
+mcabber: mcabber project home is: http://www.lilotux.net/~mikael/mcabber/
 mcabber:
 mcabber:
 mcabber:
diff --git a/source/n/metamail/metamail.SlackBuild b/source/n/metamail/metamail.SlackBuild
index cbf9241f9..2062a08a9 100755
--- a/source/n/metamail/metamail.SlackBuild
+++ b/source/n/metamail/metamail.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2009  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2009, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,23 +21,34 @@
 
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=metamail
 VERSION=2.7
-BUILD=${BUILD:-5}
+BUILD=${BUILD:-7}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -56,7 +67,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-metamail
 
@@ -64,8 +74,8 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf metamail-$VERSION
-xz -dc $CWD/metamail-$VERSION.tar.xz | tar xvf - || exit 1
-cd metamail-$VERSION
+tar xvf $CWD/metamail-$VERSION.tar.xz || exit 1
+cd metamail-$VERSION || exit 1
 
 xz -dc $CWD/metamail_2.7-54.diff.xz | patch -p1 || exit 1
 xz -dc $CWD/metamail.automake.diff.xz | patch -p1 || exit 1
@@ -87,7 +97,7 @@ CFLAGS="$SLKCFLAGS" \
   --disable-static \
   --program-prefix="" \
   --program-suffix="" \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 ( cd bin
   cat showexternal | perl -pi -e 's|sensible-pager|more|' > se
@@ -109,15 +119,18 @@ make $NUMJOBS || make || exit 1
 
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 ( cd fonts
-  make
+  make || exit 1
   mkdir -p $PKG/usr/share/metamail/fonts
   for file in *.pcf ; do
     cat $file > $PKG/usr/share/metamail/fonts/$file
   done
   cat fonts.alias > $PKG/usr/share/metamail/fonts/fonts.alias
   cat fonts.dir > $PKG/usr/share/metamail/fonts/fonts.dir
-)
+) || exit 1
 
 ( cd man
   mkdir -p $PKG/usr/man/man{1,5}
diff --git a/source/n/metamail/slack-desc b/source/n/metamail/slack-desc
index 65cdef8b3..58d157392 100644
--- a/source/n/metamail/slack-desc
+++ b/source/n/metamail/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
@@ -10,7 +10,7 @@ metamail: metamail (MIME extensions for mail)
 metamail:
 metamail: Metamail is an implementation of MIME, the Multipurpose Internet
 metamail: Mail Extensions, a proposed standard for multimedia mail on the
-metamail: Internet.  Metamail implements MIME, and also implements extensibility
+metamail: Internet. Metamail implements MIME, and also implements extensibility
 metamail: and configuration via the "mailcap" mechanism described in an
 metamail: informational RFC that is a companion to the MIME document.
 metamail:
diff --git a/source/n/mobile-broadband-provider-info/README b/source/n/mobile-broadband-provider-info/README
deleted file mode 100644
index 0edda7448..000000000
--- a/source/n/mobile-broadband-provider-info/README
+++ /dev/null
@@ -1,2 +0,0 @@
-This package contains mobile broadband settings for different service 
-providers in different countries.
diff --git a/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild b/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild
index 1ba342b37..2ba3a0b56 100755
--- a/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild
+++ b/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for mobile-broadband-provider-info
 
@@ -24,10 +24,11 @@
 
 # Modified 2011, 2012  by Eric Hameleers, Eindhoven, NL
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=mobile-broadband-provider-info
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
-TAG=${TAG:-}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 MARCH=$( uname -m )
@@ -41,7 +42,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 OUTPUT=${OUTPUT:-/tmp}
@@ -68,14 +76,12 @@ case "$ARCH" in
     *)    TARGET=$ARCH-slackware-linux ;;
 esac
 
-set -e
-
 rm -rf $PKG
 mkdir -p $TMP $PKG $OUTPUT
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z*
-cd $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
+cd $PKGNAM-$VERSION || exit 1
 
 chown -R root:root .
 find . \
@@ -99,23 +105,22 @@ CXXFLAGS="$SLKCFLAGS" \
   --localstatedir=/var \
   --mandir=/usr/man \
   --docdir=/usr/doc/$PKGNAM-$VERSION \
-  --build=$TARGET
+  --build=$TARGET || exit 1
 
-make
-make install DESTDIR=$PKG
+make || exit 1
+make install DESTDIR=$PKG || exit 1
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
 
 mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
 cp -a \
-  COPYING ChangeLog NEWS README \
+  COPYING* ChangeLog NEWS README* \
   $PKG/usr/doc/$PKGNAM-$VERSION
-cat $CWD/$PKGNAM.SlackBuild > $PKG/usr/doc/$PKGNAM-$VERSION/$PKGNAM.SlackBuild
 
 mkdir -p $PKG/install
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
-/sbin/makepkg -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-txz}
+/sbin/makepkg -l y -c n $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
 
diff --git a/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.pc.diff b/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.pc.diff
deleted file mode 100644
index fe326518d..000000000
--- a/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.pc.diff
+++ /dev/null
@@ -1,10 +0,0 @@
---- ./mobile-broadband-provider-info.pc.in.orig	2012-01-22 14:06:15.000000000 -0600
-+++ ./mobile-broadband-provider-info.pc.in	2012-04-14 15:24:56.990965523 -0500
-@@ -1,6 +1,6 @@
- prefix=@prefix@
- exec_prefix=@exec_prefix@
--libdir=@libdir
-+libdir=@libdir@
- datarootdir = @datarootdir@
- pkgdatadir=${datarootdir}/@PACKAGE@
- includedir=@includedir@
diff --git a/source/n/mobile-broadband-provider-info/slack-desc b/source/n/mobile-broadband-provider-info/slack-desc
index 100517f8e..a31e3609a 100644
--- a/source/n/mobile-broadband-provider-info/slack-desc
+++ b/source/n/mobile-broadband-provider-info/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                               |-----handy-ruler------------------------------------------------------|
@@ -11,9 +11,9 @@ mobile-broadband-provider-info:
 mobile-broadband-provider-info: This package contains mobile broadband settings for service providers
 mobile-broadband-provider-info: in various countries.
 mobile-broadband-provider-info:
+mobile-broadband-provider-info: For more info, see:
+mobile-broadband-provider-info: http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders
 mobile-broadband-provider-info:
 mobile-broadband-provider-info:
-mobile-broadband-provider-info: For more info, see:
 mobile-broadband-provider-info:
-mobile-broadband-provider-info: http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders
 mobile-broadband-provider-info:
diff --git a/source/n/mtr/mtr.SlackBuild b/source/n/mtr/mtr.SlackBuild
index c3b4ded87..ae69b7475 100755
--- a/source/n/mtr/mtr.SlackBuild
+++ b/source/n/mtr/mtr.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006 Eric Hameleers, Eindhoven, Netherlands 
-# Copyright 2007, 2008, 2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,10 +21,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=mtr
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,6 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -48,7 +57,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 rm -rf $PKG
@@ -73,7 +81,7 @@ CFLAGS="$SLKCFLAGS" \
   --localstatedir=/var \
   --sysconfdir=/etc \
   --without-gtk \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make DESTDIR=$PKG install || exit 1
diff --git a/source/n/mtr/slack-desc b/source/n/mtr/slack-desc
index 3383d6660..745df9ec4 100644
--- a/source/n/mtr/slack-desc
+++ b/source/n/mtr/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/mutt/mutt.SlackBuild b/source/n/mutt/mutt.SlackBuild
index dddc2cb83..7abde88cc 100755
--- a/source/n/mutt/mutt.SlackBuild
+++ b/source/n/mutt/mutt.SlackBuild
@@ -1,5 +1,5 @@
-#!/bin/sh
-# Copyright 2002-2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
+#!/bin/bash
+# Copyright 2002-2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -19,8 +19,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=mutt
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
@@ -33,8 +35,15 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
-CWD=`pwd` 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i486" ]; then
@@ -54,7 +63,7 @@ rm -rf $PKG
 mkdir $PKG
 cd $TMP
 rm -rf mutt-$VERSION
-tar xvf $CWD/mutt-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/mutt-$VERSION.tar.?z || exit 1
 cd mutt-$VERSION || exit 1
 chown -R root:root .
 
@@ -73,7 +82,9 @@ CFLAGS="$SLKCFLAGS" \
   --enable-smtp \
   --enable-gpgme \
   --enable-hcache \
-  --build=$ARCH-slackware-linux
+  --enable-sidebar \
+  --enable-compressed \
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/source/n/mutt/slack-desc b/source/n/mutt/slack-desc
index eda6d811d..96a5880cb 100644
--- a/source/n/mutt/slack-desc
+++ b/source/n/mutt/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 mutt: Mutt (the Mutt mail user agent)
 mutt:
-mutt: Mutt is a small but very powerful text-based MIME mail client.  Mutt
+mutt: Mutt is a small but very powerful text-based MIME mail client. Mutt
 mutt: is highly configurable, and is well suited to the mail power user with
 mutt: advanced features like key bindings, keyboard macros, mail threading,
 mutt: regular expression searches and a powerful pattern matching language
 mutt: for selecting groups of messages.
 mutt:
-mutt:
+mutt: Project homepage: http://www.mutt.org
 mutt:
 mutt:
diff --git a/source/n/nc/nc.SlackBuild b/source/n/nc/nc.SlackBuild
index 90f133d9f..b2dc364ce 100755
--- a/source/n/nc/nc.SlackBuild
+++ b/source/n/nc/nc.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,23 +20,33 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=nc
 VERSION=1.10
 SRCVER=110
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -45,7 +55,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-nc
 rm -rf $PKG
diff --git a/source/n/nc/slack-desc b/source/n/nc/slack-desc
index a00d0ea4e..550a93835 100644
--- a/source/n/nc/slack-desc
+++ b/source/n/nc/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
   |-----handy-ruler------------------------------------------------------|
@@ -10,7 +10,7 @@ nc: nc (Netcat network utility)
 nc:
 nc: Netcat, or "nc" as the actual program is named, is a simple utility
 nc: which reads and writes data across network connections, using TCP or
-nc: UDP protocol.  It is designed to be a reliable "back-end" tool that
+nc: UDP protocol. It is designed to be a reliable "back-end" tool that
 nc: can be used directly or easily driven by other programs and scripts.
 nc: At the same time, it is a feature-rich network debugging and
 nc: exploration tool, since it can create almost any kind of connection
diff --git a/source/n/ncftp/ncftp.SlackBuild b/source/n/ncftp/ncftp.SlackBuild
index f859b0878..06a5787b1 100755
--- a/source/n/ncftp/ncftp.SlackBuild
+++ b/source/n/ncftp/ncftp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,25 +20,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=ncftp
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 2 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 2 -d - | rev)}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -47,7 +56,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-ncftp
 rm -rf $PKG
@@ -55,7 +63,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf ncftp-$VERSION
-tar xvf $CWD/ncftp-$VERSION-src.tar.?z* || exit 1
+tar xvf $CWD/ncftp-$VERSION-src.tar.xz || exit 1
 cd ncftp-$VERSION || exit 1
 chown -R root:root .
 find . \
@@ -69,7 +77,7 @@ CFLAGS="$SLKCFLAGS" \
   --prefix=/usr \
   --sysconfdir=/etc \
   --mandir=/usr/man \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/source/n/ncftp/slack-desc b/source/n/ncftp/slack-desc
index 61a0807d8..ca35f9bd6 100644
--- a/source/n/ncftp/slack-desc
+++ b/source/n/ncftp/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 ncftp: ncftp (ftp client)
 ncftp:
 ncftp: NcFTP is a user interface to the Internet standard File Transfer
-ncftp: Protocol.  This program allows a user to transfer files to and from a
+ncftp: Protocol. This program allows a user to transfer files to and from a
 ncftp: remote network site, and offers additional features that are not found
 ncftp: in the standard interface for ftp.
 ncftp:
-ncftp:
+ncftp: Homepage: http://www.ncftp.com/ncftp/
 ncftp:
 ncftp:
 ncftp:
diff --git a/source/n/net-snmp/net-snmp-5.7.3-Fix-Makefile-PL.patch b/source/n/net-snmp/net-snmp-5.7.3-Fix-Makefile-PL.patch
new file mode 100644
index 000000000..735f01447
--- /dev/null
+++ b/source/n/net-snmp/net-snmp-5.7.3-Fix-Makefile-PL.patch
@@ -0,0 +1,22 @@
+diff -up net-snmp-5.7.3/perl/ASN/Makefile.PL.orig net-snmp-5.7.3/perl/ASN/Makefile.PL
+--- net-snmp-5.7.3/perl/ASN/Makefile.PL.orig	2016-05-06 10:35:30.005905040 +0200
++++ net-snmp-5.7.3/perl/ASN/Makefile.PL	2016-05-06 10:35:57.518776400 +0200
+@@ -3,6 +3,7 @@ require 5;
+ use Config;
+ use Getopt::Long;
+ my $lib_version;
++my %MakeParams = ();
+ 
+ # See lib/ExtUtils/MakeMaker.pm for details of how to influence
+ # the contents of the Makefile that is written.
+diff -up net-snmp-5.7.3/perl/Makefile.PL.orig net-snmp-5.7.3/perl/Makefile.PL
+--- net-snmp-5.7.3/perl/Makefile.PL.orig	2016-05-06 10:34:38.975143641 +0200
++++ net-snmp-5.7.3/perl/Makefile.PL	2016-05-06 10:35:13.326983024 +0200
+@@ -2,6 +2,7 @@ use ExtUtils::MakeMaker;
+ use Config;
+ use Getopt::Long;
+ require 5;
++my %MakeParams = ();
+ 
+ %MakeParams = InitMakeParams();
+ 
diff --git a/source/n/net-snmp/net-snmp-5.7.3-Remove-U64-typedef.patch b/source/n/net-snmp/net-snmp-5.7.3-Remove-U64-typedef.patch
new file mode 100644
index 000000000..a506c06af
--- /dev/null
+++ b/source/n/net-snmp/net-snmp-5.7.3-Remove-U64-typedef.patch
@@ -0,0 +1,2519 @@
+From 477b4307ef12ddce3b6a9205e0bdddbfb2e0e9b6 Mon Sep 17 00:00:00 2001
+From: Bart Van Assche <bvanassche@acm.org>
+Date: Sat, 20 Feb 2016 18:58:18 -0800
+Subject: [PATCH] Remove U64 typedef
+
+The U64 typedef conflicts with a typedef in a Perl header file. Hence
+remove the U64 typedef from the Net-SNMP header files. This patch does
+not modify the Net-SNMP ABI.
+---
+ agent/mibgroup/if-mib/ifXTable/ifXTable.c          |  16 +-
+ agent/mibgroup/if-mib/ifXTable/ifXTable.h          |  48 +-
+ .../mibgroup/if-mib/ifXTable/ifXTable_interface.c  |  32 +-
+ .../ip-mib/data_access/systemstats_common.c        |   2 +-
+ .../ipIfStatsTable/ipIfStatsTable_data_get.c       |  28 +-
+ .../ipIfStatsTable/ipIfStatsTable_data_get.h       |  28 +-
+ .../ipIfStatsTable/ipIfStatsTable_interface.c      |  56 +-
+ .../ip-mib/ipSystemStatsTable/ipSystemStatsTable.c |  28 +-
+ .../ip-mib/ipSystemStatsTable/ipSystemStatsTable.h | 921 ++-------------------
+ .../ipSystemStatsTable_interface.c                 |  56 +-
+ include/net-snmp/data_access/ipstats.h             |  42 +-
+ include/net-snmp/library/int64.h                   |  34 +-
+ snmplib/int64.c                                    |  38 +-
+ snmplib/read_config.c                              |   6 +-
+ testing/fulltests/unit-tests/T015int64_clib.c      |  10 +-
+ 15 files changed, 274 insertions(+), 1071 deletions(-)
+
+diff --git a/agent/mibgroup/if-mib/ifXTable/ifXTable.c b/agent/mibgroup/if-mib/ifXTable/ifXTable.c
+index bb3e736..0c952ba 100644
+--- a/agent/mibgroup/if-mib/ifXTable/ifXTable.c
++++ b/agent/mibgroup/if-mib/ifXTable/ifXTable.c
+@@ -722,7 +722,7 @@ The total number of octets received on the interface,
+  */
+ int
+ ifHCInOctets_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                 U64 * ifHCInOctets_val_ptr)
++                 struct counter64 *ifHCInOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCInOctets_val_ptr);
+@@ -779,7 +779,7 @@ The number of packets, delivered by this sub-layer to a
+  */
+ int
+ ifHCInUcastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                    U64 * ifHCInUcastPkts_val_ptr)
++                    struct counter64 *ifHCInUcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCInUcastPkts_val_ptr);
+@@ -838,7 +838,7 @@ The number of packets, delivered by this sub-layer to a
+  */
+ int
+ ifHCInMulticastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                        U64 * ifHCInMulticastPkts_val_ptr)
++                        struct counter64 *ifHCInMulticastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCInMulticastPkts_val_ptr);
+@@ -897,7 +897,7 @@ The number of packets, delivered by this sub-layer to a
+  */
+ int
+ ifHCInBroadcastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                        U64 * ifHCInBroadcastPkts_val_ptr)
++                        struct counter64 *ifHCInBroadcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCInBroadcastPkts_val_ptr);
+@@ -955,7 +955,7 @@ The total number of octets transmitted out of the
+  */
+ int
+ ifHCOutOctets_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                  U64 * ifHCOutOctets_val_ptr)
++                  struct counter64 *ifHCOutOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCOutOctets_val_ptr);
+@@ -1013,7 +1013,7 @@ The total number of packets that higher-level protocols
+  */
+ int
+ ifHCOutUcastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                     U64 * ifHCOutUcastPkts_val_ptr)
++                     struct counter64 *ifHCOutUcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCOutUcastPkts_val_ptr);
+@@ -1074,7 +1074,7 @@ The total number of packets that higher-level protocols
+  */
+ int
+ ifHCOutMulticastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                         U64 * ifHCOutMulticastPkts_val_ptr)
++                         struct counter64 *ifHCOutMulticastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCOutMulticastPkts_val_ptr);
+@@ -1134,7 +1134,7 @@ The total number of packets that higher-level protocols
+  */
+ int
+ ifHCOutBroadcastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                         U64 * ifHCOutBroadcastPkts_val_ptr)
++                         struct counter64 *ifHCOutBroadcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ifHCOutBroadcastPkts_val_ptr);
+diff --git a/agent/mibgroup/if-mib/ifXTable/ifXTable.h b/agent/mibgroup/if-mib/ifXTable/ifXTable.h
+index ba22f97..925af13 100644
+--- a/agent/mibgroup/if-mib/ifXTable/ifXTable.h
++++ b/agent/mibgroup/if-mib/ifXTable/ifXTable.h
+@@ -143,28 +143,28 @@ config_require(if-mib/ifXTable/ifXTable_data_access)
+                                            u_long *
+                                            ifOutBroadcastPkts_val_ptr);
+     int             ifHCInOctets_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                     U64 * ifHCInOctets_val_ptr);
++                                     struct counter64 *ifHCInOctets_val_ptr);
+     int             ifHCInUcastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                        U64 * ifHCInUcastPkts_val_ptr);
++                                        struct counter64 *ifHCInUcastPkts_val_ptr);
+     int             ifHCInMulticastPkts_get(ifXTable_rowreq_ctx *
+                                             rowreq_ctx,
+-                                            U64 *
++                                            struct counter64 *
+                                             ifHCInMulticastPkts_val_ptr);
+     int             ifHCInBroadcastPkts_get(ifXTable_rowreq_ctx *
+                                             rowreq_ctx,
+-                                            U64 *
++                                            struct counter64 *
+                                             ifHCInBroadcastPkts_val_ptr);
+     int             ifHCOutOctets_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                      U64 * ifHCOutOctets_val_ptr);
++                                      struct counter64 *ifHCOutOctets_val_ptr);
+     int             ifHCOutUcastPkts_get(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                         U64 * ifHCOutUcastPkts_val_ptr);
++                                         struct counter64 *ifHCOutUcastPkts_val_ptr);
+     int             ifHCOutMulticastPkts_get(ifXTable_rowreq_ctx *
+                                              rowreq_ctx,
+-                                             U64 *
++                                             struct counter64 *
+                                              ifHCOutMulticastPkts_val_ptr);
+     int             ifHCOutBroadcastPkts_get(ifXTable_rowreq_ctx *
+                                              rowreq_ctx,
+-                                             U64 *
++                                             struct counter64 *
+                                              ifHCOutBroadcastPkts_val_ptr);
+     int             ifLinkUpDownTrapEnable_get(ifXTable_rowreq_ctx *
+                                                rowreq_ctx,
+@@ -284,86 +284,86 @@ config_require(if-mib/ifXTable/ifXTable_data_access)
+ 
+     int             ifHCInOctets_check_value(ifXTable_rowreq_ctx *
+                                              rowreq_ctx,
+-                                             U64 ifHCInOctets_val);
++                                             struct counter64 ifHCInOctets_val);
+     int             ifHCInOctets_undo_setup(ifXTable_rowreq_ctx *
+                                             rowreq_ctx);
+     int             ifHCInOctets_set(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                     U64 ifHCInOctets_val);
++                                     struct counter64 ifHCInOctets_val);
+     int             ifHCInOctets_undo(ifXTable_rowreq_ctx * rowreq_ctx);
+ 
+     int             ifHCInUcastPkts_check_value(ifXTable_rowreq_ctx *
+                                                 rowreq_ctx,
+-                                                U64 ifHCInUcastPkts_val);
++                                                struct counter64 ifHCInUcastPkts_val);
+     int             ifHCInUcastPkts_undo_setup(ifXTable_rowreq_ctx *
+                                                rowreq_ctx);
+     int             ifHCInUcastPkts_set(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                        U64 ifHCInUcastPkts_val);
++                                        struct counter64 ifHCInUcastPkts_val);
+     int             ifHCInUcastPkts_undo(ifXTable_rowreq_ctx * rowreq_ctx);
+ 
+     int             ifHCInMulticastPkts_check_value(ifXTable_rowreq_ctx *
+                                                     rowreq_ctx,
+-                                                    U64
++                                                    struct counter64
+                                                     ifHCInMulticastPkts_val);
+     int             ifHCInMulticastPkts_undo_setup(ifXTable_rowreq_ctx *
+                                                    rowreq_ctx);
+     int             ifHCInMulticastPkts_set(ifXTable_rowreq_ctx *
+                                             rowreq_ctx,
+-                                            U64 ifHCInMulticastPkts_val);
++                                            struct counter64 ifHCInMulticastPkts_val);
+     int             ifHCInMulticastPkts_undo(ifXTable_rowreq_ctx *
+                                              rowreq_ctx);
+ 
+     int             ifHCInBroadcastPkts_check_value(ifXTable_rowreq_ctx *
+                                                     rowreq_ctx,
+-                                                    U64
++                                                    struct counter64
+                                                     ifHCInBroadcastPkts_val);
+     int             ifHCInBroadcastPkts_undo_setup(ifXTable_rowreq_ctx *
+                                                    rowreq_ctx);
+     int             ifHCInBroadcastPkts_set(ifXTable_rowreq_ctx *
+                                             rowreq_ctx,
+-                                            U64 ifHCInBroadcastPkts_val);
++                                            struct counter64 ifHCInBroadcastPkts_val);
+     int             ifHCInBroadcastPkts_undo(ifXTable_rowreq_ctx *
+                                              rowreq_ctx);
+ 
+     int             ifHCOutOctets_check_value(ifXTable_rowreq_ctx *
+                                               rowreq_ctx,
+-                                              U64 ifHCOutOctets_val);
++                                              struct counter64 ifHCOutOctets_val);
+     int             ifHCOutOctets_undo_setup(ifXTable_rowreq_ctx *
+                                              rowreq_ctx);
+     int             ifHCOutOctets_set(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                      U64 ifHCOutOctets_val);
++                                      struct counter64 ifHCOutOctets_val);
+     int             ifHCOutOctets_undo(ifXTable_rowreq_ctx * rowreq_ctx);
+ 
+     int             ifHCOutUcastPkts_check_value(ifXTable_rowreq_ctx *
+                                                  rowreq_ctx,
+-                                                 U64 ifHCOutUcastPkts_val);
++                                                 struct counter64 ifHCOutUcastPkts_val);
+     int             ifHCOutUcastPkts_undo_setup(ifXTable_rowreq_ctx *
+                                                 rowreq_ctx);
+     int             ifHCOutUcastPkts_set(ifXTable_rowreq_ctx * rowreq_ctx,
+-                                         U64 ifHCOutUcastPkts_val);
++                                         struct counter64 ifHCOutUcastPkts_val);
+     int             ifHCOutUcastPkts_undo(ifXTable_rowreq_ctx *
+                                           rowreq_ctx);
+ 
+     int             ifHCOutMulticastPkts_check_value(ifXTable_rowreq_ctx *
+                                                      rowreq_ctx,
+-                                                     U64
++                                                     struct counter64
+                                                      ifHCOutMulticastPkts_val);
+     int             ifHCOutMulticastPkts_undo_setup(ifXTable_rowreq_ctx *
+                                                     rowreq_ctx);
+     int             ifHCOutMulticastPkts_set(ifXTable_rowreq_ctx *
+                                              rowreq_ctx,
+-                                             U64 ifHCOutMulticastPkts_val);
++                                             struct counter64 ifHCOutMulticastPkts_val);
+     int             ifHCOutMulticastPkts_undo(ifXTable_rowreq_ctx *
+                                               rowreq_ctx);
+ 
+     int             ifHCOutBroadcastPkts_check_value(ifXTable_rowreq_ctx *
+                                                      rowreq_ctx,
+-                                                     U64
++                                                     struct counter64
+                                                      ifHCOutBroadcastPkts_val);
+     int             ifHCOutBroadcastPkts_undo_setup(ifXTable_rowreq_ctx *
+                                                     rowreq_ctx);
+     int             ifHCOutBroadcastPkts_set(ifXTable_rowreq_ctx *
+                                              rowreq_ctx,
+-                                             U64 ifHCOutBroadcastPkts_val);
++                                             struct counter64 ifHCOutBroadcastPkts_val);
+     int             ifHCOutBroadcastPkts_undo(ifXTable_rowreq_ctx *
+                                               rowreq_ctx);
+ 
+diff --git a/agent/mibgroup/if-mib/ifXTable/ifXTable_interface.c b/agent/mibgroup/if-mib/ifXTable/ifXTable_interface.c
+index 23b50d0..e561842 100644
+--- a/agent/mibgroup/if-mib/ifXTable/ifXTable_interface.c
++++ b/agent/mibgroup/if-mib/ifXTable/ifXTable_interface.c
+@@ -729,72 +729,72 @@ _ifXTable_get_column(ifXTable_rowreq_ctx * rowreq_ctx,
+          * ifHCInOctets(6)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCINOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCInOctets_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCInOctets_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCInUcastPkts(7)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCINUCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCInUcastPkts_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCInUcastPkts_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCInMulticastPkts(8)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCINMULTICASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCInMulticastPkts_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCInMulticastPkts_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCInBroadcastPkts(9)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCINBROADCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCInBroadcastPkts_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCInBroadcastPkts_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCOutOctets(10)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCOUTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCOutOctets_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCOutOctets_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCOutUcastPkts(11)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCOUTUCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCOutUcastPkts_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCOutUcastPkts_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCOutMulticastPkts(12)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCOUTMULTICASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCOutMulticastPkts_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCOutMulticastPkts_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+          * ifHCOutBroadcastPkts(13)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IFHCOUTBROADCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ifHCOutBroadcastPkts_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ifHCOutBroadcastPkts_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+diff --git a/agent/mibgroup/ip-mib/data_access/systemstats_common.c b/agent/mibgroup/ip-mib/data_access/systemstats_common.c
+index 29109bd..7434b3a 100644
+--- a/agent/mibgroup/ip-mib/data_access/systemstats_common.c
++++ b/agent/mibgroup/ip-mib/data_access/systemstats_common.c
+@@ -264,7 +264,7 @@ _calculate_entries(netsnmp_systemstats_entry * entry)
+            && entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCOUTFRAGCREATES]
+         && entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCOUTDISCARDS]) {
+ 
+-        U64 tmp, tmp2, tmp3;
++        struct counter64 tmp, tmp2, tmp3;
+         tmp = entry->stats.HCOutRequests;
+         u64Incr(&tmp, &entry->stats.HCOutForwDatagrams);
+         u64Incr(&tmp, &entry->stats.HCOutFragCreates);
+diff --git a/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.c b/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.c
+index db673dc..fec36b2 100644
+--- a/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.c
++++ b/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.c
+@@ -270,7 +270,7 @@ The total number of input IP datagrams received, including
+  */
+ int
+ ipIfStatsHCInReceives_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                          U64 * ipIfStatsHCInReceives_val_ptr)
++                          struct counter64 *ipIfStatsHCInReceives_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInReceives_val_ptr);
+@@ -395,7 +395,7 @@ The total number of octets received in input IP datagrams,
+  */
+ int
+ ipIfStatsHCInOctets_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                        U64 * ipIfStatsHCInOctets_val_ptr)
++                        struct counter64 *ipIfStatsHCInOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInOctets_val_ptr);
+@@ -862,7 +862,7 @@ The number of input datagrams for which this entity was not
+  */
+ int
+ ipIfStatsHCInForwDatagrams_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                               U64 * ipIfStatsHCInForwDatagrams_val_ptr)
++                               struct counter64 *ipIfStatsHCInForwDatagrams_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInForwDatagrams_val_ptr);
+@@ -1267,7 +1267,7 @@ The total number of datagrams successfully delivered to IP
+  */
+ int
+ ipIfStatsHCInDelivers_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                          U64 * ipIfStatsHCInDelivers_val_ptr)
++                          struct counter64 *ipIfStatsHCInDelivers_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInDelivers_val_ptr);
+@@ -1396,7 +1396,7 @@ The total number of IP datagrams that local IP user-
+  */
+ int
+ ipIfStatsHCOutRequests_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                           U64 * ipIfStatsHCOutRequests_val_ptr)
++                           struct counter64 *ipIfStatsHCOutRequests_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutRequests_val_ptr);
+@@ -1532,7 +1532,7 @@ The number of datagrams for which this entity was not their
+  */
+ int
+ ipIfStatsHCOutForwDatagrams_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                                U64 * ipIfStatsHCOutForwDatagrams_val_ptr)
++                                struct counter64 *ipIfStatsHCOutForwDatagrams_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutForwDatagrams_val_ptr);
+@@ -1999,7 +1999,7 @@ The total number of IP datagrams that this entity supplied
+  */
+ int
+ ipIfStatsHCOutTransmits_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                            U64 * ipIfStatsHCOutTransmits_val_ptr)
++                            struct counter64 *ipIfStatsHCOutTransmits_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutTransmits_val_ptr);
+@@ -2123,7 +2123,7 @@ The total number of octets in IP datagrams delivered to the
+  */
+ int
+ ipIfStatsHCOutOctets_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                         U64 * ipIfStatsHCOutOctets_val_ptr)
++                         struct counter64 *ipIfStatsHCOutOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutOctets_val_ptr);
+@@ -2245,7 +2245,7 @@ The number of IP multicast datagrams received.  This object
+  */
+ int
+ ipIfStatsHCInMcastPkts_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                           U64 * ipIfStatsHCInMcastPkts_val_ptr)
++                           struct counter64 *ipIfStatsHCInMcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInMcastPkts_val_ptr);
+@@ -2372,7 +2372,7 @@ The total number of octets received in IP multicast
+  */
+ int
+ ipIfStatsHCInMcastOctets_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                             U64 * ipIfStatsHCInMcastOctets_val_ptr)
++                             struct counter64 *ipIfStatsHCInMcastOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInMcastOctets_val_ptr);
+@@ -2497,7 +2497,7 @@ The number of IP multicast datagrams transmitted.  This
+  */
+ int
+ ipIfStatsHCOutMcastPkts_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                            U64 * ipIfStatsHCOutMcastPkts_val_ptr)
++                            struct counter64 *ipIfStatsHCOutMcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutMcastPkts_val_ptr);
+@@ -2621,7 +2621,7 @@ The total number of octets transmitted in IP multicast
+  */
+ int
+ ipIfStatsHCOutMcastOctets_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                              U64 * ipIfStatsHCOutMcastOctets_val_ptr)
++                              struct counter64 *ipIfStatsHCOutMcastOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutMcastOctets_val_ptr);
+@@ -2743,7 +2743,7 @@ The number of IP broadcast datagrams received.  This object
+  */
+ int
+ ipIfStatsHCInBcastPkts_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                           U64 * ipIfStatsHCInBcastPkts_val_ptr)
++                           struct counter64 *ipIfStatsHCInBcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCInBcastPkts_val_ptr);
+@@ -2865,7 +2865,7 @@ The number of IP broadcast datagrams transmitted.  This
+  */
+ int
+ ipIfStatsHCOutBcastPkts_get(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+-                            U64 * ipIfStatsHCOutBcastPkts_val_ptr)
++                            struct counter64 *ipIfStatsHCOutBcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipIfStatsHCOutBcastPkts_val_ptr);
+diff --git a/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.h b/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.h
+index 0cc7e47..ad5d8a0 100644
+--- a/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.h
++++ b/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_data_get.h
+@@ -50,7 +50,7 @@ extern          "C" {
+                                             ipIfStatsInReceives_val_ptr);
+     int             ipIfStatsHCInReceives_get(ipIfStatsTable_rowreq_ctx *
+                                               rowreq_ctx,
+-                                              U64 *
++                                              struct counter64 *
+                                               ipIfStatsHCInReceives_val_ptr);
+     int             ipIfStatsInOctets_get(ipIfStatsTable_rowreq_ctx *
+                                           rowreq_ctx,
+@@ -58,7 +58,7 @@ extern          "C" {
+                                           ipIfStatsInOctets_val_ptr);
+     int             ipIfStatsHCInOctets_get(ipIfStatsTable_rowreq_ctx *
+                                             rowreq_ctx,
+-                                            U64 *
++                                            struct counter64 *
+                                             ipIfStatsHCInOctets_val_ptr);
+     int             ipIfStatsInHdrErrors_get(ipIfStatsTable_rowreq_ctx *
+                                              rowreq_ctx,
+@@ -87,7 +87,7 @@ extern          "C" {
+     int            
+         ipIfStatsHCInForwDatagrams_get(ipIfStatsTable_rowreq_ctx *
+                                        rowreq_ctx,
+-                                       U64 *
++                                       struct counter64 *
+                                        ipIfStatsHCInForwDatagrams_val_ptr);
+     int             ipIfStatsReasmReqds_get(ipIfStatsTable_rowreq_ctx *
+                                             rowreq_ctx,
+@@ -111,7 +111,7 @@ extern          "C" {
+                                             ipIfStatsInDelivers_val_ptr);
+     int             ipIfStatsHCInDelivers_get(ipIfStatsTable_rowreq_ctx *
+                                               rowreq_ctx,
+-                                              U64 *
++                                              struct counter64 *
+                                               ipIfStatsHCInDelivers_val_ptr);
+     int             ipIfStatsOutRequests_get(ipIfStatsTable_rowreq_ctx *
+                                              rowreq_ctx,
+@@ -119,7 +119,7 @@ extern          "C" {
+                                              ipIfStatsOutRequests_val_ptr);
+     int             ipIfStatsHCOutRequests_get(ipIfStatsTable_rowreq_ctx *
+                                                rowreq_ctx,
+-                                               U64 *
++                                               struct counter64 *
+                                                ipIfStatsHCOutRequests_val_ptr);
+     int             ipIfStatsOutForwDatagrams_get(ipIfStatsTable_rowreq_ctx
+                                                   * rowreq_ctx,
+@@ -128,7 +128,7 @@ extern          "C" {
+     int            
+         ipIfStatsHCOutForwDatagrams_get(ipIfStatsTable_rowreq_ctx *
+                                         rowreq_ctx,
+-                                        U64 *
++                                        struct counter64 *
+                                         ipIfStatsHCOutForwDatagrams_val_ptr);
+     int             ipIfStatsOutDiscards_get(ipIfStatsTable_rowreq_ctx *
+                                              rowreq_ctx,
+@@ -156,7 +156,7 @@ extern          "C" {
+                                               ipIfStatsOutTransmits_val_ptr);
+     int             ipIfStatsHCOutTransmits_get(ipIfStatsTable_rowreq_ctx *
+                                                 rowreq_ctx,
+-                                                U64 *
++                                                struct counter64 *
+                                                 ipIfStatsHCOutTransmits_val_ptr);
+     int             ipIfStatsOutOctets_get(ipIfStatsTable_rowreq_ctx *
+                                            rowreq_ctx,
+@@ -164,7 +164,7 @@ extern          "C" {
+                                            ipIfStatsOutOctets_val_ptr);
+     int             ipIfStatsHCOutOctets_get(ipIfStatsTable_rowreq_ctx *
+                                              rowreq_ctx,
+-                                             U64 *
++                                             struct counter64 *
+                                              ipIfStatsHCOutOctets_val_ptr);
+     int             ipIfStatsInMcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                              rowreq_ctx,
+@@ -172,7 +172,7 @@ extern          "C" {
+                                              ipIfStatsInMcastPkts_val_ptr);
+     int             ipIfStatsHCInMcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                                rowreq_ctx,
+-                                               U64 *
++                                               struct counter64 *
+                                                ipIfStatsHCInMcastPkts_val_ptr);
+     int             ipIfStatsInMcastOctets_get(ipIfStatsTable_rowreq_ctx *
+                                                rowreq_ctx,
+@@ -180,7 +180,7 @@ extern          "C" {
+                                                ipIfStatsInMcastOctets_val_ptr);
+     int             ipIfStatsHCInMcastOctets_get(ipIfStatsTable_rowreq_ctx
+                                                  * rowreq_ctx,
+-                                                 U64 *
++                                                 struct counter64 *
+                                                  ipIfStatsHCInMcastOctets_val_ptr);
+     int             ipIfStatsOutMcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                               rowreq_ctx,
+@@ -188,7 +188,7 @@ extern          "C" {
+                                               ipIfStatsOutMcastPkts_val_ptr);
+     int             ipIfStatsHCOutMcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                                 rowreq_ctx,
+-                                                U64 *
++                                                struct counter64 *
+                                                 ipIfStatsHCOutMcastPkts_val_ptr);
+     int             ipIfStatsOutMcastOctets_get(ipIfStatsTable_rowreq_ctx *
+                                                 rowreq_ctx,
+@@ -196,7 +196,7 @@ extern          "C" {
+                                                 ipIfStatsOutMcastOctets_val_ptr);
+     int             ipIfStatsHCOutMcastOctets_get(ipIfStatsTable_rowreq_ctx
+                                                   * rowreq_ctx,
+-                                                  U64 *
++                                                  struct counter64 *
+                                                   ipIfStatsHCOutMcastOctets_val_ptr);
+     int             ipIfStatsInBcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                              rowreq_ctx,
+@@ -204,7 +204,7 @@ extern          "C" {
+                                              ipIfStatsInBcastPkts_val_ptr);
+     int             ipIfStatsHCInBcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                                rowreq_ctx,
+-                                               U64 *
++                                               struct counter64 *
+                                                ipIfStatsHCInBcastPkts_val_ptr);
+     int             ipIfStatsOutBcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                               rowreq_ctx,
+@@ -212,7 +212,7 @@ extern          "C" {
+                                               ipIfStatsOutBcastPkts_val_ptr);
+     int             ipIfStatsHCOutBcastPkts_get(ipIfStatsTable_rowreq_ctx *
+                                                 rowreq_ctx,
+-                                                U64 *
++                                                struct counter64 *
+                                                 ipIfStatsHCOutBcastPkts_val_ptr);
+     int            
+         ipIfStatsDiscontinuityTime_get(ipIfStatsTable_rowreq_ctx *
+diff --git a/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_interface.c b/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_interface.c
+index 559d1c1..4955a8b 100644
+--- a/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_interface.c
++++ b/agent/mibgroup/ip-mib/ipIfStatsTable/ipIfStatsTable_interface.c
+@@ -722,10 +722,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInReceives(4)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINRECEIVES:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCInReceives_get(rowreq_ctx,
+-                                       (U64 *) var->val.string);
++                                       (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -741,9 +741,9 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInOctets(6)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ipIfStatsHCInOctets_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ipIfStatsHCInOctets_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -810,10 +810,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInForwDatagrams(13)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINFORWDATAGRAMS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCInForwDatagrams_get(rowreq_ctx,
+-                                            (U64 *) var->val.string);
++                                            (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -869,10 +869,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInDelivers(19)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINDELIVERS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCInDelivers_get(rowreq_ctx,
+-                                       (U64 *) var->val.string);
++                                       (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -889,10 +889,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutRequests(21)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTREQUESTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCOutRequests_get(rowreq_ctx,
+-                                        (U64 *) var->val.string);
++                                        (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -909,10 +909,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutForwDatagrams(24)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTFORWDATAGRAMS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCOutForwDatagrams_get(rowreq_ctx,
+-                                             (U64 *) var->val.string);
++                                             (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -979,10 +979,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutTransmits(31)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTTRANSMITS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCOutTransmits_get(rowreq_ctx,
+-                                         (U64 *) var->val.string);
++                                         (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -999,9 +999,9 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutOctets(33)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+-        rc = ipIfStatsHCOutOctets_get(rowreq_ctx, (U64 *) var->val.string);
++        rc = ipIfStatsHCOutOctets_get(rowreq_ctx, (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1018,10 +1018,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInMcastPkts(35)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINMCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCInMcastPkts_get(rowreq_ctx,
+-                                        (U64 *) var->val.string);
++                                        (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1038,10 +1038,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInMcastOctets(37)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINMCASTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCInMcastOctets_get(rowreq_ctx,
+-                                          (U64 *) var->val.string);
++                                          (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1058,10 +1058,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutMcastPkts(39)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTMCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCOutMcastPkts_get(rowreq_ctx,
+-                                         (U64 *) var->val.string);
++                                         (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1078,10 +1078,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutMcastOctets(41)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTMCASTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCOutMcastOctets_get(rowreq_ctx,
+-                                           (U64 *) var->val.string);
++                                           (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1098,10 +1098,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCInBcastPkts(43)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCINBCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCInBcastPkts_get(rowreq_ctx,
+-                                        (U64 *) var->val.string);
++                                        (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1118,10 +1118,10 @@ _ipIfStatsTable_get_column(ipIfStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipIfStatsHCOutBcastPkts(45)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPIFSTATSHCOUTBCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipIfStatsHCOutBcastPkts_get(rowreq_ctx,
+-                                         (U64 *) var->val.string);
++                                         (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+diff --git a/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.c b/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.c
+index 10587e2..5a9323f 100644
+--- a/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.c
++++ b/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.c
+@@ -452,7 +452,7 @@ The total number of input IP datagrams received, including
+  */
+ int
+ ipSystemStatsHCInReceives_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                              U64 * ipSystemStatsHCInReceives_val_ptr)
++                              struct counter64 *ipSystemStatsHCInReceives_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCInReceives_val_ptr);
+@@ -579,7 +579,7 @@ The total number of octets received in input IP datagrams,
+  */
+ int
+ ipSystemStatsHCInOctets_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                            U64 * ipSystemStatsHCInOctets_val_ptr)
++                            struct counter64 *ipSystemStatsHCInOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCInOctets_val_ptr);
+@@ -1058,7 +1058,7 @@ The number of input datagrams for which this entity was not
+ int
+ ipSystemStatsHCInForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
+                                    rowreq_ctx,
+-                                   U64 *
++                                   struct counter64 *
+                                    ipSystemStatsHCInForwDatagrams_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+@@ -1474,7 +1474,7 @@ The total number of datagrams successfully delivered to IP
+  */
+ int
+ ipSystemStatsHCInDelivers_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                              U64 * ipSystemStatsHCInDelivers_val_ptr)
++                              struct counter64 *ipSystemStatsHCInDelivers_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCInDelivers_val_ptr);
+@@ -1602,7 +1602,7 @@ The total number of IP datagrams which local IP user-
+  */
+ int
+ ipSystemStatsHCOutRequests_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                               U64 * ipSystemStatsHCOutRequests_val_ptr)
++                               struct counter64 *ipSystemStatsHCOutRequests_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCOutRequests_val_ptr);
+@@ -1809,7 +1809,7 @@ The number of datagrams for which this entity was not their
+ int
+ ipSystemStatsHCOutForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+-                                    U64 *
++                                    struct counter64 *
+                                     ipSystemStatsHCOutForwDatagrams_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+@@ -2288,7 +2288,7 @@ The total number of IP datagrams that this entity supplied
+  */
+ int
+ ipSystemStatsHCOutTransmits_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                                U64 * ipSystemStatsHCOutTransmits_val_ptr)
++                                struct counter64 *ipSystemStatsHCOutTransmits_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCOutTransmits_val_ptr);
+@@ -2415,7 +2415,7 @@ The total number of octets in IP datagrams delivered to the
+  */
+ int
+ ipSystemStatsHCOutOctets_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                             U64 * ipSystemStatsHCOutOctets_val_ptr)
++                             struct counter64 *ipSystemStatsHCOutOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCOutOctets_val_ptr);
+@@ -2539,7 +2539,7 @@ The number of IP multicast datagrams received.  This object
+  */
+ int
+ ipSystemStatsHCInMcastPkts_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                               U64 * ipSystemStatsHCInMcastPkts_val_ptr)
++                               struct counter64 *ipSystemStatsHCInMcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCInMcastPkts_val_ptr);
+@@ -2665,7 +2665,7 @@ The total number of octets received in IP multicast
+ int
+ ipSystemStatsHCInMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                  rowreq_ctx,
+-                                 U64 *
++                                 struct counter64 *
+                                  ipSystemStatsHCInMcastOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+@@ -2790,7 +2790,7 @@ The number of IP multicast datagrams transmitted.  This
+  */
+ int
+ ipSystemStatsHCOutMcastPkts_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                                U64 * ipSystemStatsHCOutMcastPkts_val_ptr)
++                                struct counter64 *ipSystemStatsHCOutMcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCOutMcastPkts_val_ptr);
+@@ -2921,7 +2921,7 @@ The total number of octets transmitted in IP multicast
+ int
+ ipSystemStatsHCOutMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                   rowreq_ctx,
+-                                  U64 *
++                                  struct counter64 *
+                                   ipSystemStatsHCOutMcastOctets_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+@@ -3046,7 +3046,7 @@ The number of IP broadcast datagrams received.  This object
+  */
+ int
+ ipSystemStatsHCInBcastPkts_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                               U64 * ipSystemStatsHCInBcastPkts_val_ptr)
++                               struct counter64 *ipSystemStatsHCInBcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCInBcastPkts_val_ptr);
+@@ -3170,7 +3170,7 @@ The number of IP broadcast datagrams transmitted.  This
+  */
+ int
+ ipSystemStatsHCOutBcastPkts_get(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+-                                U64 * ipSystemStatsHCOutBcastPkts_val_ptr)
++                                struct counter64 *ipSystemStatsHCOutBcastPkts_val_ptr)
+ {
+    /** we should have a non-NULL pointer */
+     netsnmp_assert(NULL != ipSystemStatsHCOutBcastPkts_val_ptr);
+diff --git a/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.h b/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.h
+index ca1e1f3..5c3823e 100644
+--- a/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.h
++++ b/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable.h
+@@ -144,93 +144,22 @@ config_require(ip-mib/ipSystemStatsTable/ipSystemStatsTable_data_access)
+      *********************************************************************
+      * function prototypes
+      */
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsTable_pre_request(ipSystemStatsTable_registration *
++    int ipSystemStatsTable_pre_request(ipSystemStatsTable_registration *
+                                        user_context);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsTable_post_request(ipSystemStatsTable_registration *
++    int ipSystemStatsTable_post_request(ipSystemStatsTable_registration *
+                                         user_context, int rc);
+ 
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsTable_rowreq_ctx_init(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsTable_rowreq_ctx_init(ipSystemStatsTable_rowreq_ctx *
+                                            rowreq_ctx,
+                                            void *user_init_ctx);
+     void
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+         ipSystemStatsTable_rowreq_ctx_cleanup(ipSystemStatsTable_rowreq_ctx
+                                               * rowreq_ctx);
+ 
+     ipSystemStatsTable_data *ipSystemStatsTable_allocate_data(void);
+     void            ipSystemStatsTable_release_data(ipSystemStatsTable_data
+                                                     * data);
+-
+-
+-         
+-         
+-         
+-         
+-         
+-         
+-        ipSystemStatsTable_rowreq_ctx
++    ipSystemStatsTable_rowreq_ctx
+         * ipSystemStatsTable_row_find_by_mib_index
+         (ipSystemStatsTable_mib_index * mib_idx);
+ 
+@@ -265,226 +194,50 @@ config_require(ip-mib/ipSystemStatsTable/ipSystemStatsTable_data_access)
+      * indexes
+      */
+ 
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInReceives_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInReceives_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsInReceives_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInReceives_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInReceives_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+-                                      U64 *
++                                      struct counter64 *
+                                       ipSystemStatsHCInReceives_val_ptr);
+     int             ipSystemStatsInOctets_get(ipSystemStatsTable_rowreq_ctx
+                                               * rowreq_ctx,
+                                               u_long *
+                                               ipSystemStatsInOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+-                                    U64 * ipSystemStatsHCInOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInHdrErrors_get(ipSystemStatsTable_rowreq_ctx *
++                                    struct counter64 *ipSystemStatsHCInOctets_val_ptr);
++    int ipSystemStatsInHdrErrors_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsInHdrErrors_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInNoRoutes_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInNoRoutes_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsInNoRoutes_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInAddrErrors_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInAddrErrors_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+                                       u_long *
+                                       ipSystemStatsInAddrErrors_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInUnknownProtos_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInUnknownProtos_get(ipSystemStatsTable_rowreq_ctx *
+                                          rowreq_ctx,
+                                          u_long *
+                                          ipSystemStatsInUnknownProtos_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInTruncatedPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInTruncatedPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                          rowreq_ctx,
+                                          u_long *
+                                          ipSystemStatsInTruncatedPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
+                                          rowreq_ctx,
+                                          u_long *
+                                          ipSystemStatsInForwDatagrams_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
+                                            rowreq_ctx,
+-                                           U64 *
++                                           struct counter64 *
+                                            ipSystemStatsHCInForwDatagrams_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsReasmReqds_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsReasmReqds_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsReasmReqds_val_ptr);
+@@ -492,690 +245,142 @@ config_require(ip-mib/ipSystemStatsTable/ipSystemStatsTable_data_access)
+                                               * rowreq_ctx,
+                                               u_long *
+                                               ipSystemStatsReasmOKs_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsReasmFails_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsReasmFails_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsReasmFails_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInDiscards_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInDiscards_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsInDiscards_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInDelivers_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInDelivers_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsInDelivers_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInDelivers_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInDelivers_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+-                                      U64 *
++                                      struct counter64 *
+                                       ipSystemStatsHCInDelivers_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutRequests_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutRequests_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsOutRequests_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutRequests_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutRequests_get(ipSystemStatsTable_rowreq_ctx *
+                                        rowreq_ctx,
+-                                       U64 *
++                                       struct counter64 *
+                                        ipSystemStatsHCOutRequests_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutNoRoutes_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutNoRoutes_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsOutNoRoutes_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
+                                           rowreq_ctx,
+                                           u_long *
+                                           ipSystemStatsOutForwDatagrams_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutForwDatagrams_get(ipSystemStatsTable_rowreq_ctx *
+                                             rowreq_ctx,
+-                                            U64 *
++                                            struct counter64 *
+                                             ipSystemStatsHCOutForwDatagrams_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutDiscards_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutDiscards_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsOutDiscards_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutFragReqds_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutFragReqds_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+                                       u_long *
+                                       ipSystemStatsOutFragReqds_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutFragOKs_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutFragOKs_get(ipSystemStatsTable_rowreq_ctx *
+                                     rowreq_ctx,
+                                     u_long *
+                                     ipSystemStatsOutFragOKs_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutFragFails_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutFragFails_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+                                       u_long *
+                                       ipSystemStatsOutFragFails_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutFragCreates_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutFragCreates_get(ipSystemStatsTable_rowreq_ctx *
+                                         rowreq_ctx,
+                                         u_long *
+                                         ipSystemStatsOutFragCreates_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutTransmits_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutTransmits_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+                                       u_long *
+                                       ipSystemStatsOutTransmits_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutTransmits_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutTransmits_get(ipSystemStatsTable_rowreq_ctx *
+                                         rowreq_ctx,
+-                                        U64 *
++                                        struct counter64 *
+                                         ipSystemStatsHCOutTransmits_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                    rowreq_ctx,
+                                    u_long *
+                                    ipSystemStatsOutOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+-                                     U64 *
++                                     struct counter64 *
+                                      ipSystemStatsHCOutOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsInMcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                        rowreq_ctx,
+-                                       U64 *
++                                       struct counter64 *
+                                        ipSystemStatsHCInMcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                        rowreq_ctx,
+                                        u_long *
+                                        ipSystemStatsInMcastOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                          rowreq_ctx,
+-                                         U64 *
++                                         struct counter64 *
+                                          ipSystemStatsHCInMcastOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+                                       u_long *
+                                       ipSystemStatsOutMcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutMcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                         rowreq_ctx,
+-                                        U64 *
++                                        struct counter64 *
+                                         ipSystemStatsHCOutMcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                         rowreq_ctx,
+                                         u_long *
+                                         ipSystemStatsOutMcastOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutMcastOctets_get(ipSystemStatsTable_rowreq_ctx *
+                                           rowreq_ctx,
+-                                          U64 *
++                                          struct counter64 *
+                                           ipSystemStatsHCOutMcastOctets_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsInBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsInBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsInBcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCInBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCInBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                        rowreq_ctx,
+-                                       U64 *
++                                       struct counter64 *
+                                        ipSystemStatsHCInBcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsOutBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsOutBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                       rowreq_ctx,
+                                       u_long *
+                                       ipSystemStatsOutBcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsHCOutBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsHCOutBcastPkts_get(ipSystemStatsTable_rowreq_ctx *
+                                         rowreq_ctx,
+-                                        U64 *
++                                        struct counter64 *
+                                         ipSystemStatsHCOutBcastPkts_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsDiscontinuityTime_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsDiscontinuityTime_get(ipSystemStatsTable_rowreq_ctx *
+                                            rowreq_ctx,
+                                            u_long *
+                                            ipSystemStatsDiscontinuityTime_val_ptr);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsRefreshRate_get(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsRefreshRate_get(ipSystemStatsTable_rowreq_ctx *
+                                      rowreq_ctx,
+                                      u_long *
+                                      ipSystemStatsRefreshRate_val_ptr);
+-
+-
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsTable_indexes_set_tbl_idx(ipSystemStatsTable_mib_index
++    int ipSystemStatsTable_indexes_set_tbl_idx(ipSystemStatsTable_mib_index
+                                                * tbl_idx,
+                                                u_long
+                                                ipSystemStatsIPVersion_val);
+-    int
+-     
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        
+-        ipSystemStatsTable_indexes_set(ipSystemStatsTable_rowreq_ctx *
++    int ipSystemStatsTable_indexes_set(ipSystemStatsTable_rowreq_ctx *
+                                        rowreq_ctx,
+                                        u_long ipSystemStatsIPVersion_val);
+ 
+-
+-
+     /*
+      *********************************************************************
+      * SET function declarations
+diff --git a/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable_interface.c b/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable_interface.c
+index e1ca2cb..09c061f 100644
+--- a/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable_interface.c
++++ b/agent/mibgroup/ip-mib/ipSystemStatsTable/ipSystemStatsTable_interface.c
+@@ -674,10 +674,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInReceives(4)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINRECEIVES:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInReceives_get(rowreq_ctx,
+-                                           (U64 *) var->val.string);
++                                           (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -694,10 +694,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInOctets(6)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInOctets_get(rowreq_ctx,
+-                                         (U64 *) var->val.string);
++                                         (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -764,10 +764,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInForwDatagrams(13)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINFORWDATAGRAMS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInForwDatagrams_get(rowreq_ctx,
+-                                                (U64 *) var->val.string);
++                                                (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -824,10 +824,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInDelivers(19)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINDELIVERS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInDelivers_get(rowreq_ctx,
+-                                           (U64 *) var->val.string);
++                                           (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -844,10 +844,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutRequests(21)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTREQUESTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutRequests_get(rowreq_ctx,
+-                                            (U64 *) var->val.string);
++                                            (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -874,10 +874,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutForwDatagrams(24)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTFORWDATAGRAMS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutForwDatagrams_get(rowreq_ctx,
+-                                                 (U64 *) var->val.string);
++                                                 (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -944,10 +944,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutTransmits(31)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTTRANSMITS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutTransmits_get(rowreq_ctx,
+-                                             (U64 *) var->val.string);
++                                             (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -964,10 +964,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutOctets(33)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutOctets_get(rowreq_ctx,
+-                                          (U64 *) var->val.string);
++                                          (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -984,10 +984,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInMcastPkts(35)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINMCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInMcastPkts_get(rowreq_ctx,
+-                                            (U64 *) var->val.string);
++                                            (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1004,10 +1004,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInMcastOctets(37)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINMCASTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInMcastOctets_get(rowreq_ctx,
+-                                              (U64 *) var->val.string);
++                                              (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1024,10 +1024,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutMcastPkts(39)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTMCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutMcastPkts_get(rowreq_ctx,
+-                                             (U64 *) var->val.string);
++                                             (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1044,10 +1044,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutMcastOctets(41)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTMCASTOCTETS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutMcastOctets_get(rowreq_ctx,
+-                                               (U64 *) var->val.string);
++                                               (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1064,10 +1064,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCInBcastPkts(43)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCINBCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCInBcastPkts_get(rowreq_ctx,
+-                                            (U64 *) var->val.string);
++                                            (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+@@ -1084,10 +1084,10 @@ _ipSystemStatsTable_get_column(ipSystemStatsTable_rowreq_ctx * rowreq_ctx,
+          * ipSystemStatsHCOutBcastPkts(45)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h 
+          */
+     case COLUMN_IPSYSTEMSTATSHCOUTBCASTPKTS:
+-        var->val_len = sizeof(U64);
++        var->val_len = sizeof(struct counter64);
+         var->type = ASN_COUNTER64;
+         rc = ipSystemStatsHCOutBcastPkts_get(rowreq_ctx,
+-                                             (U64 *) var->val.string);
++                                             (struct counter64 *) var->val.string);
+         break;
+ 
+         /*
+diff --git a/include/net-snmp/data_access/ipstats.h b/include/net-snmp/data_access/ipstats.h
+index f782459..f0df46b 100644
+--- a/include/net-snmp/data_access/ipstats.h
++++ b/include/net-snmp/data_access/ipstats.h
+@@ -58,45 +58,45 @@ typedef struct netsnmp_ipstats_s {
+     * other columns, when underlying OS does not provide them.
+     * Always fill at least 32 bits, the table is periodically polled -> 32 bit
+     * overflow shall be detected and 64 bit value should be computed automatically. */
+-   U64             HCInReceives;
+-   U64             HCInOctets;
++   struct counter64 HCInReceives;
++   struct counter64 HCInOctets;
+    u_long          InHdrErrors;
+-   U64             HCInNoRoutes; 
++   struct counter64 HCInNoRoutes; 
+    u_long          InAddrErrors;
+    u_long          InUnknownProtos;
+    u_long          InTruncatedPkts;
+    
+    /* optional, can be computed from HCInNoRoutes and HCOutForwDatagrams */
+-   U64             HCInForwDatagrams; 
++   struct counter64 HCInForwDatagrams; 
+    
+    u_long          ReasmReqds;
+    u_long          ReasmOKs;
+    u_long          ReasmFails;
+    u_long          InDiscards;
+-   U64             HCInDelivers;
+-   U64             HCOutRequests;
+-   U64             HCOutNoRoutes;
+-   U64             HCOutForwDatagrams;
+-   U64             HCOutDiscards;
++   struct counter64 HCInDelivers;
++   struct counter64 HCOutRequests;
++   struct counter64 HCOutNoRoutes;
++   struct counter64 HCOutForwDatagrams;
++   struct counter64 HCOutDiscards;
+    
+    /* optional, can be computed from HCOutFragOKs + HCOutFragFails*/
+-   U64             HCOutFragReqds;
+-   U64             HCOutFragOKs;
+-   U64             HCOutFragFails;
+-   U64             HCOutFragCreates;
++   struct counter64 HCOutFragReqds;
++   struct counter64 HCOutFragOKs;
++   struct counter64 HCOutFragFails;
++   struct counter64 HCOutFragCreates;
+    
+    /* optional, can be computed from 
+     * HCOutRequests +HCOutForwDatagrams + HCOutFragCreates
+     * - HCOutFragReqds - HCOutNoRoutes  - HCOutDiscards */
+-   U64             HCOutTransmits;
++   struct counter64 HCOutTransmits;
+    
+-   U64             HCOutOctets;
+-   U64             HCInMcastPkts;
+-   U64             HCInMcastOctets;
+-   U64             HCOutMcastPkts;
+-   U64             HCOutMcastOctets;
+-   U64             HCInBcastPkts;
+-   U64             HCOutBcastPkts;
++   struct counter64 HCOutOctets;
++   struct counter64 HCInMcastPkts;
++   struct counter64 HCInMcastOctets;
++   struct counter64 HCOutMcastPkts;
++   struct counter64 HCOutMcastOctets;
++   struct counter64 HCInBcastPkts;
++   struct counter64 HCOutBcastPkts;
+ 
+    /* Array of available columns.*/
+    int             columnAvail[IPSYSTEMSTATSTABLE_LAST+1];
+diff --git a/include/net-snmp/library/int64.h b/include/net-snmp/library/int64.h
+index 9c7c894..3a85213 100644
+--- a/include/net-snmp/library/int64.h
++++ b/include/net-snmp/library/int64.h
+@@ -5,31 +5,29 @@
+ extern          "C" {
+ #endif
+ 
+-    typedef struct counter64 U64;
+-
+ #define I64CHARSZ 21
+ 
+-    void            divBy10(U64, U64 *, unsigned int *);
+-    void            multBy10(U64, U64 *);
+-    void            incrByU16(U64 *, unsigned int);
+-    void            incrByU32(U64 *, unsigned int);
++    void            divBy10(struct counter64, struct counter64 *, unsigned int *);
++    void            multBy10(struct counter64, struct counter64 *);
++    void            incrByU16(struct counter64 *, unsigned int);
++    void            incrByU32(struct counter64 *, unsigned int);
+     NETSNMP_IMPORT
+-    void            zeroU64(U64 *);
+-    int             isZeroU64(const U64 *);
++    void            zeroU64(struct counter64 *);
++    int             isZeroU64(const struct counter64 *);
+     NETSNMP_IMPORT
+-    void            printU64(char *, const U64 *);
++    void            printU64(char *, const struct counter64 *);
+     NETSNMP_IMPORT
+-    void            printI64(char *, const U64 *);
+-    int             read64(U64 *, const char *);
++    void            printI64(char *, const struct counter64 *);
++    int             read64(struct counter64 *, const char *);
+     NETSNMP_IMPORT
+-    void            u64Subtract(const U64 * pu64one, const U64 * pu64two,
+-                                U64 * pu64out);
+-    void            u64Incr(U64 * pu64out, const U64 * pu64one);
+-    void            u64UpdateCounter(U64 * pu64out, const U64 * pu64one,
+-                                     const U64 * pu64two);
+-    void            u64Copy(U64 * pu64one, const U64 * pu64two);
++    void            u64Subtract(const struct counter64 *pu64one, const struct counter64 *pu64two,
++                                struct counter64 *pu64out);
++    void            u64Incr(struct counter64 *pu64out, const struct counter64 *pu64one);
++    void            u64UpdateCounter(struct counter64 *pu64out, const struct counter64 *pu64one,
++                                     const struct counter64 *pu64two);
++    void            u64Copy(struct counter64 *pu64one, const struct counter64 *pu64two);
+ 
+-    int             netsnmp_c64_check_for_32bit_wrap(U64 *old_val, U64 *new_val,
++    int             netsnmp_c64_check_for_32bit_wrap(struct counter64 *old_val, struct counter64 *new_val,
+                                                      int adjust);
+     NETSNMP_IMPORT
+     int             netsnmp_c64_check32_and_update(struct counter64 *prev_val,
+diff --git a/snmplib/int64.c b/snmplib/int64.c
+index 51f1f32..951f813 100644
+--- a/snmplib/int64.c
++++ b/snmplib/int64.c
+@@ -33,7 +33,7 @@
+  * @param[out] puR   Remainder.
+  */
+ void
+-divBy10(U64 u64, U64 * pu64Q, unsigned int *puR)
++divBy10(struct counter64 u64, struct counter64 *pu64Q, unsigned int *puR)
+ {
+     unsigned long   ulT;
+     unsigned long   ulQ;
+@@ -83,7 +83,7 @@ divBy10(U64 u64, U64 * pu64Q, unsigned int *puR)
+  * @param[out] pu64P Product.
+  */
+ void
+-multBy10(U64 u64, U64 * pu64P)
++multBy10(struct counter64 u64, struct counter64 *pu64P)
+ {
+     unsigned long   ulT;
+     unsigned long   ulP;
+@@ -130,7 +130,7 @@ multBy10(U64 u64, U64 * pu64P)
+  *
+  */
+ void
+-incrByU16(U64 * pu64, unsigned int u16)
++incrByU16(struct counter64 *pu64, unsigned int u16)
+ {
+     incrByU32(pu64, u16);
+ }
+@@ -143,7 +143,7 @@ incrByU16(U64 * pu64, unsigned int u16)
+  *
+  */
+ void
+-incrByU32(U64 * pu64, unsigned int u32)
++incrByU32(struct counter64 *pu64, unsigned int u32)
+ {
+     uint32_t tmp;
+ 
+@@ -161,7 +161,7 @@ incrByU32(U64 * pu64, unsigned int u32)
+  * @param[out] pu64out pu64one - pu64two.
+  */
+ void
+-u64Subtract(const U64 * pu64one, const U64 * pu64two, U64 * pu64out)
++u64Subtract(const struct counter64 *pu64one, const struct counter64 *pu64two, struct counter64 *pu64out)
+ {
+     int carry;
+ 
+@@ -177,7 +177,7 @@ u64Subtract(const U64 * pu64one, const U64 * pu64two, U64 * pu64out)
+  * @param[in,out] pu64out pu64out += pu64one.
+  */
+ void
+-u64Incr(U64 * pu64out, const U64 * pu64one)
++u64Incr(struct counter64 *pu64out, const struct counter64 *pu64one)
+ {
+     pu64out->high = (uint32_t)(pu64out->high + pu64one->high);
+     incrByU32(pu64out, pu64one->low);
+@@ -191,9 +191,9 @@ u64Incr(U64 * pu64out, const U64 * pu64one)
+  * @param[out] pu64out pu64out += (pu64one - pu64two)
+  */
+ void
+-u64UpdateCounter(U64 * pu64out, const U64 * pu64one, const U64 * pu64two)
++u64UpdateCounter(struct counter64 *pu64out, const struct counter64 *pu64one, const struct counter64 *pu64two)
+ {
+-    U64 tmp;
++    struct counter64 tmp;
+ 
+     u64Subtract(pu64one, pu64two, &tmp);
+     u64Incr(pu64out, &tmp);
+@@ -208,7 +208,7 @@ netsnmp_feature_child_of(u64copy, netsnmp_unused)
+  * @param[out] pu64one Where to store the copy - *pu64one = *pu64two.
+  */
+ void
+-u64Copy(U64 * pu64one, const U64 * pu64two)
++u64Copy(struct counter64 *pu64one, const struct counter64 *pu64two)
+ {
+     *pu64one = *pu64two;
+ }
+@@ -220,7 +220,7 @@ u64Copy(U64 * pu64one, const U64 * pu64two)
+  * @param[in] pu64 Number to be zeroed.
+  */
+ void
+-zeroU64(U64 * pu64)
++zeroU64(struct counter64 *pu64)
+ {
+     pu64->low = 0;
+     pu64->high = 0;
+@@ -232,7 +232,7 @@ zeroU64(U64 * pu64)
+  * @param[in] pu64 Number to be checked.
+  */
+ int
+-isZeroU64(const U64 * pu64)
++isZeroU64(const struct counter64 *pu64)
+ {
+     return pu64->low == 0 && pu64->high == 0;
+ }
+@@ -390,10 +390,10 @@ netsnmp_c64_check32_and_update(struct counter64 *prev_val, struct counter64 *new
+ /** Convert an unsigned 64-bit number to ASCII. */
+ void
+ printU64(char *buf, /* char [I64CHARSZ+1]; */
+-         const U64 * pu64)
++         const struct counter64 *pu64)
+ {
+-    U64             u64a;
+-    U64             u64b;
++    struct counter64 u64a;
++    struct counter64 u64b;
+ 
+     char            aRes[I64CHARSZ + 1];
+     unsigned int    u;
+@@ -414,9 +414,9 @@ printU64(char *buf, /* char [I64CHARSZ+1]; */
+ /** Convert a signed 64-bit number to ASCII. */
+ void
+ printI64(char *buf, /* char [I64CHARSZ+1]; */
+-         const U64 * pu64)
++         const struct counter64 *pu64)
+ {
+-    U64             u64a;
++    struct counter64 u64a;
+ 
+     if (pu64->high & 0x80000000) {
+         u64a.high = (uint32_t) ~pu64->high;
+@@ -429,11 +429,11 @@ printI64(char *buf, /* char [I64CHARSZ+1]; */
+     }
+ }
+ 
+-/** Convert a signed 64-bit integer from ASCII to U64. */
++/** Convert a signed 64-bit integer from ASCII to struct counter64. */
+ int
+-read64(U64 * i64, const char *str)
++read64(struct counter64 *i64, const char *str)
+ {
+-    U64             i64p;
++    struct counter64 i64p;
+     unsigned int    u;
+     int             sign = 0;
+     int             ok = 0;
+diff --git a/snmplib/read_config.c b/snmplib/read_config.c
+index e159c27..ab5b6a3 100644
+--- a/snmplib/read_config.c
++++ b/snmplib/read_config.c
+@@ -2279,10 +2279,10 @@ read_config_read_memory(int type, char *readfrom,
+         return readfrom;
+ 
+     case ASN_COUNTER64:
+-        if (*len < sizeof(U64))
++        if (*len < sizeof(struct counter64))
+             return NULL;
+-        *len = sizeof(U64);
+-        read64((U64 *) dataptr, readfrom);
++        *len = sizeof(struct counter64);
++        read64((struct counter64 *) dataptr, readfrom);
+         readfrom = skip_token(readfrom);
+         return readfrom;
+     }
+diff --git a/testing/fulltests/unit-tests/T015int64_clib.c b/testing/fulltests/unit-tests/T015int64_clib.c
+index 5f5f4b6..66f66b7 100644
+--- a/testing/fulltests/unit-tests/T015int64_clib.c
++++ b/testing/fulltests/unit-tests/T015int64_clib.c
+@@ -1,4 +1,4 @@
+-/* HEADER Testing 64-bit integer operations (U64). */
++/* HEADER Testing 64-bit integer operations (struct counter64). */
+ 
+ int i, j;
+ char buf[22];
+@@ -15,7 +15,7 @@ static const int64_t intval[] = {
+ };
+ 
+ for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) {
+-    U64 a, b;
++    struct counter64 a, b;
+     a.low = (uint32_t)intval[i];
+     a.high = (uint32_t)(intval[i] >> 32);
+     printI64(buf, &a);
+@@ -27,7 +27,7 @@ for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) {
+ 
+ for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) {
+     for (j = i; j < sizeof(intval)/sizeof(intval[0]); ++j) {
+-        U64 a, b;
++        struct counter64 a, b;
+         uint64_t d;
+         a.low = (uint32_t)intval[i];
+         a.high = (uint32_t)(intval[i] >> 32);
+@@ -43,7 +43,7 @@ for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) {
+         
+ for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) {
+     for (j = i; j < sizeof(intval)/sizeof(intval[0]); ++j) {
+-        U64 a, b, c;
++        struct counter64 a, b, c;
+         uint64_t d;
+         a.low = (uint32_t)intval[i];
+         a.high = (uint32_t)(intval[i] >> 32);
+@@ -58,7 +58,7 @@ for (i = 0; i < sizeof(intval)/sizeof(intval[0]); ++i) {
+ }
+         
+ {
+-    U64 old_val, new_val;
++    struct counter64 old_val, new_val;
+     old_val.low = 7;
+     old_val.high = 0;
+     new_val = old_val;
+-- 
+2.5.5
+
diff --git a/source/n/net-snmp/net-snmp-5.7.3-mariadb-10.2.8.diff b/source/n/net-snmp/net-snmp-5.7.3-mariadb-10.2.8.diff
new file mode 100644
index 000000000..4190fd44e
--- /dev/null
+++ b/source/n/net-snmp/net-snmp-5.7.3-mariadb-10.2.8.diff
@@ -0,0 +1,61 @@
+diff -ur net-snmp-5.7.3.save/apps/Makefile.in net-snmp-5.7.3/apps/Makefile.in
+--- net-snmp-5.7.3.save/apps/Makefile.in	2014-12-08 15:23:22.000000000 -0500
++++ net-snmp-5.7.3/apps/Makefile.in	2017-09-19 11:52:48.993729966 -0400
+@@ -204,7 +204,7 @@
+ 	$(LINK) ${CFLAGS} -o $@ snmpdf.$(OSUFFIX) ${LDFLAGS} ${LIBS}
+ 
+ libnetsnmptrapd.$(LIB_EXTENSION)$(LIB_VERSION): $(LLIBTRAPD_OBJS)
+-	$(LIB_LD_CMD) $@ ${LLIBTRAPD_OBJS} $(MIBLIB) $(USELIBS) $(PERLLDOPTS_FOR_LIBS) $(LIB_LD_LIBS)
++	$(LIB_LD_CMD) $@ ${LLIBTRAPD_OBJS} $(MIBLIB) $(USELIBS) $(PERLLDOPTS_FOR_LIBS) $(LIB_LD_LIBS) $(MYSQL_LIBS)
+ 	$(RANLIB) $@
+ 
+ snmpinforminstall:
+diff -ur net-snmp-5.7.3.save/apps/snmptrapd_sql.c net-snmp-5.7.3/apps/snmptrapd_sql.c
+--- net-snmp-5.7.3.save/apps/snmptrapd_sql.c	2014-12-08 15:23:22.000000000 -0500
++++ net-snmp-5.7.3/apps/snmptrapd_sql.c	2017-09-19 11:56:10.127008022 -0400
+@@ -50,10 +50,16 @@
+ #undef PACKAGE_STRING
+ #undef PACKAGE_TARNAME
+ #undef PACKAGE_VERSION
+-#include <my_global.h>
+-#include <my_sys.h>
+ #include <mysql.h>
+ #include <errmsg.h>
++#ifndef MYSQL_VERSION_ID
++#include <mysql_version.h>
++#endif
++#if MYSQL_VERSION_ID < 100000
++#include <my_config.h>
++#include <my_global.h>
++#include <my_sys.h>
++#endif
+ 
+ netsnmp_feature_require(container_fifo)
+ 
+@@ -437,6 +443,7 @@
+         return -1;
+     }
+ 
++#if MYSQL_VERSION_ID < 100000
+ #ifdef HAVE_BROKEN_LIBMYSQLCLIENT
+     my_init();
+ #else
+@@ -445,6 +452,7 @@
+ 
+     /** load .my.cnf values */
+     load_defaults ("my", _sql.groups, &not_argc, &not_argv);
++#endif
+     for(i=0; i < not_argc; ++i) {
+         if (NULL == not_argv[i])
+             continue;
+@@ -542,6 +550,10 @@
+         return -1;
+     }
+ 
++#if MYSQL_VERSION_ID > 100000
++    mysql_options(_sql.conn, MYSQL_READ_DEFAULT_GROUP, "snmptrapd");
++#endif
++
+     /** try to connect; we'll try again later if we fail */
+     (void) netsnmp_mysql_connect();
+ 
diff --git a/source/n/net-snmp/net-snmp-5.7.3-openssl.patch b/source/n/net-snmp/net-snmp-5.7.3-openssl.patch
new file mode 100644
index 000000000..0651a24ec
--- /dev/null
+++ b/source/n/net-snmp/net-snmp-5.7.3-openssl.patch
@@ -0,0 +1,303 @@
+diff -urNp old/apps/snmpusm.c new/apps/snmpusm.c
+--- old/apps/snmpusm.c	2014-12-08 21:23:22.000000000 +0100
++++ new/apps/snmpusm.c	2017-02-20 15:20:36.994022905 +0100
+@@ -190,7 +190,7 @@ get_USM_DH_key(netsnmp_variable_list *va
+                oid *keyoid, size_t keyoid_len) {
+     u_char *dhkeychange;
+     DH *dh;
+-    BIGNUM *other_pub;
++    BIGNUM *p, *g, *pub_key, *other_pub;
+     u_char *key;
+     size_t key_len;
+             
+@@ -205,25 +205,29 @@ get_USM_DH_key(netsnmp_variable_list *va
+         dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
+     }
+ 
+-    if (!dh || !dh->g || !dh->p) {
++    if (dh)
++        DH_get0_pqg(dh, &p, NULL, &g);
++	
++    if (!dh || !g || !p) {
+         SNMP_FREE(dhkeychange);
+         return SNMPERR_GENERR;
+     }
+ 
+-    DH_generate_key(dh);
+-    if (!dh->pub_key) {
++    if (!DH_generate_key(dh)) {
+         SNMP_FREE(dhkeychange);
+         return SNMPERR_GENERR;
+     }
+             
+-    if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
++    DH_get0_key(dh, &pub_key, NULL);
++
++    if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
+         SNMP_FREE(dhkeychange);
+         fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
+-                (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
++                (unsigned long)vars->val_len, BN_num_bytes(pub_key));
+         return SNMPERR_GENERR;
+     }
+ 
+-    BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
++    BN_bn2bin(pub_key, dhkeychange + vars->val_len);
+ 
+     key_len = DH_size(dh);
+     if (!key_len) {
+diff -urNp old/configure new/configure
+--- old/configure	2017-02-20 10:08:16.440396223 +0100
++++ new/configure	2017-02-20 10:57:15.749734281 +0100
+@@ -23176,9 +23176,9 @@ $as_echo "#define HAVE_AES_CFB128_ENCRYP
+ fi
+ 
+ 
+-            as_ac_Lib=`$as_echo "ac_cv_lib_${CRYPTO}''_EVP_MD_CTX_create" | $as_tr_sh`
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_MD_CTX_create in -l${CRYPTO}" >&5
+-$as_echo_n "checking for EVP_MD_CTX_create in -l${CRYPTO}... " >&6; }
++            as_ac_Lib=`$as_echo "ac_cv_lib_${CRYPTO}''_EVP_MD_CTX_new" | $as_tr_sh`
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_MD_CTX_new in -l${CRYPTO}" >&5
++$as_echo_n "checking for EVP_MD_CTX_new in -l${CRYPTO}... " >&6; }
+ if eval \${$as_ac_Lib+:} false; then :
+   $as_echo_n "(cached) " >&6
+ else
+@@ -23193,11 +23193,11 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+-char EVP_MD_CTX_create ();
++char EVP_MD_CTX_new ();
+ int
+ main ()
+ {
+-return EVP_MD_CTX_create ();
++return EVP_MD_CTX_new ();
+   ;
+   return 0;
+ }
+@@ -23216,10 +23216,10 @@ eval ac_res=\$$as_ac_Lib
+ $as_echo "$ac_res" >&6; }
+ if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ 
+-$as_echo "#define HAVE_EVP_MD_CTX_CREATE /**/" >>confdefs.h
++$as_echo "#define HAVE_EVP_MD_CTX_NEW /**/" >>confdefs.h
+ 
+ 
+-$as_echo "#define HAVE_EVP_MD_CTX_DESTROY /**/" >>confdefs.h
++$as_echo "#define HAVE_EVP_MD_CTX_FREE /**/" >>confdefs.h
+ 
+ fi
+ 
+@@ -23293,7 +23293,7 @@ char SSL_library_init ();
+ int
+ main ()
+ {
+-return SSL_library_init ();
++return OPENSSL_init_ssl(0, NULL);
+   ;
+   return 0;
+ }
+diff -urNp old/configure.d/config_os_libs2 new/configure.d/config_os_libs2
+--- old/configure.d/config_os_libs2	2014-12-08 21:23:22.000000000 +0100
++++ new/configure.d/config_os_libs2	2017-02-20 10:56:21.041616611 +0100
+@@ -292,11 +292,11 @@ if test "x$tryopenssl" != "xno" -a "x$tr
+                 AC_DEFINE(HAVE_AES_CFB128_ENCRYPT, 1,
+                     [Define to 1 if you have the `AES_cfb128_encrypt' function.]))
+ 
+-            AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_create,
+-                AC_DEFINE([HAVE_EVP_MD_CTX_CREATE], [],
+-                    [Define to 1 if you have the `EVP_MD_CTX_create' function.])
+-                AC_DEFINE([HAVE_EVP_MD_CTX_DESTROY], [],
+-                    [Define to 1 if you have the `EVP_MD_CTX_destroy' function.]))
++            AC_CHECK_LIB(${CRYPTO}, EVP_MD_CTX_new,
++                AC_DEFINE([HAVE_EVP_MD_CTX_NEW], [],
++                    [Define to 1 if you have the `EVP_MD_CTX_new' function.])
++                AC_DEFINE([HAVE_EVP_MD_CTX_FREE], [],
++                    [Define to 1 if you have the `EVP_MD_CTX_free' function.]))
+         fi
+         if echo " $transport_result_list " | $GREP "DTLS" > /dev/null; then
+ 	    AC_CHECK_LIB(ssl, DTLSv1_method,
+@@ -307,7 +307,7 @@ if test "x$tryopenssl" != "xno" -a "x$tr
+             TLSPROG=yes
+         fi
+         if echo " $transport_result_list " | $GREP "TLS" > /dev/null; then
+-	    AC_CHECK_LIB(ssl, SSL_library_init,
++	    AC_CHECK_LIB(ssl, OPENSSL_init_ssl,
+                 AC_DEFINE(HAVE_LIBSSL, 1,
+                     [Define to 1 if you have the `ssl' library (-lssl).])
+                 LIBCRYPTO=" -lssl $LIBCRYPTO",	
+diff -urNp old/include/net-snmp/net-snmp-config.h.in new/include/net-snmp/net-snmp-config.h.in
+--- old/include/net-snmp/net-snmp-config.h.in	2017-02-20 10:08:16.443522417 +0100
++++ new/include/net-snmp/net-snmp-config.h.in	2017-02-20 10:24:05.790584283 +0100
+@@ -149,11 +149,11 @@
+ /* Define to 1 if you have the `eval_pv' function. */
+ #undef HAVE_EVAL_PV
+ 
+-/* Define to 1 if you have the `EVP_MD_CTX_create' function. */
+-#undef HAVE_EVP_MD_CTX_CREATE
++/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
++#undef HAVE_EVP_MD_CTX_NEW
+ 
+-/* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
+-#undef HAVE_EVP_MD_CTX_DESTROY
++/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
++#undef HAVE_EVP_MD_CTX_FREE
+ 
+ /* Define if you have EVP_sha224/256 in openssl */
+ #undef HAVE_EVP_SHA224
+diff -urNp old/snmplib/keytools.c new/snmplib/keytools.c
+--- old/snmplib/keytools.c	2014-12-08 21:23:22.000000000 +0100
++++ new/snmplib/keytools.c	2017-02-20 10:30:27.412068264 +0100
+@@ -149,8 +149,8 @@ generate_Ku(const oid * hashtype, u_int
+      */
+ #ifdef NETSNMP_USE_OPENSSL
+ 
+-#ifdef HAVE_EVP_MD_CTX_CREATE
+-    ctx = EVP_MD_CTX_create();
++#ifdef HAVE_EVP_MD_CTX_NEW
++    ctx = EVP_MD_CTX_new();
+ #else
+     ctx = malloc(sizeof(*ctx));
+     if (!EVP_MD_CTX_init(ctx))
+@@ -259,8 +259,8 @@ generate_Ku(const oid * hashtype, u_int
+     memset(buf, 0, sizeof(buf));
+ #ifdef NETSNMP_USE_OPENSSL
+     if (ctx) {
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
+-        EVP_MD_CTX_destroy(ctx);
++#ifdef HAVE_EVP_MD_CTX_FREE
++        EVP_MD_CTX_free(ctx);
+ #else
+         EVP_MD_CTX_cleanup(ctx);
+         free(ctx);
+diff -urNp old/snmplib/scapi.c new/snmplib/scapi.c
+--- old/snmplib/scapi.c	2014-12-08 21:23:22.000000000 +0100
++++ new/snmplib/scapi.c	2017-02-20 10:27:34.152379515 +0100
+@@ -486,14 +486,14 @@ sc_hash(const oid * hashtype, size_t has
+     }
+ 
+ /** initialize the pointer */
+-#ifdef HAVE_EVP_MD_CTX_CREATE
+-    cptr = EVP_MD_CTX_create();
++#ifdef HAVE_EVP_MD_CTX_NEW
++    cptr = EVP_MD_CTX_new();
+ #else
+     cptr = malloc(sizeof(*cptr));
+ #if defined(OLD_DES)
+     memset(cptr, 0, sizeof(*cptr));
+ #else
+-    EVP_MD_CTX_init(cptr);
++    EVP_MD_CTX_init(&cptr);
+ #endif
+ #endif
+     if (!EVP_DigestInit(cptr, hashfn)) {
+@@ -507,11 +507,11 @@ sc_hash(const oid * hashtype, size_t has
+ /** do the final pass */
+     EVP_DigestFinal(cptr, MAC, &tmp_len);
+     *MAC_len = tmp_len;
+-#ifdef HAVE_EVP_MD_CTX_DESTROY
+-    EVP_MD_CTX_destroy(cptr);
++#ifdef HAVE_EVP_MD_CTX_FREE
++    EVP_MD_CTX_free(cptr);
+ #else
+ #if !defined(OLD_DES)
+-    EVP_MD_CTX_cleanup(cptr);
++    EVP_MD_CTX_cleanup(&cptr);
+ #endif
+     free(cptr);
+ #endif
+diff -urNp old/snmplib/snmp_openssl.c new/snmplib/snmp_openssl.c
+--- old/snmplib/snmp_openssl.c	2014-12-08 21:23:22.000000000 +0100
++++ new/snmplib/snmp_openssl.c	2017-02-20 12:46:00.059727928 +0100
+@@ -47,7 +47,7 @@ void netsnmp_init_openssl(void) {
+     DEBUGMSGTL(("snmp_openssl", "initializing\n"));
+ 
+     /* Initializing OpenSSL */
+-    SSL_library_init();
++    OPENSSL_init_ssl(0, NULL);
+     SSL_load_error_strings();
+     ERR_load_BIO_strings();
+     OpenSSL_add_all_algorithms();
+@@ -164,11 +164,11 @@ netsnmp_openssl_cert_dump_names(X509 *oc
+         oname_entry = X509_NAME_get_entry(osubj_name, i);
+         netsnmp_assert(NULL != oname_entry);
+ 
+-        if (oname_entry->value->type != V_ASN1_PRINTABLESTRING)
++        if (X509_NAME_ENTRY_get_data(oname_entry)->type != V_ASN1_PRINTABLESTRING)
+             continue;
+ 
+         /** get NID */
+-        onid = OBJ_obj2nid(oname_entry->object);
++        onid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(oname_entry));
+         if (onid == NID_undef) {
+             prefix_long = prefix_short = "UNKNOWN";
+         }
+@@ -179,9 +179,9 @@ netsnmp_openssl_cert_dump_names(X509 *oc
+ 
+         DEBUGMSGT(("9:cert:dump:names",
+                    "[%02d] NID type %d, ASN type %d\n", i, onid,
+-                   oname_entry->value->type));
++                   X509_NAME_ENTRY_get_data(oname_entry)->type));
+         DEBUGMSGT(("9:cert:dump:names", "%s/%s: '%s'\n", prefix_long,
+-                   prefix_short, ASN1_STRING_data(oname_entry->value)));
++                   prefix_short, ASN1_STRING_data(X509_NAME_ENTRY_get_data(oname_entry))));
+     }
+ }
+ #endif /* NETSNMP_FEATURE_REMOVE_CERT_DUMP_NAMES */
+@@ -470,7 +470,7 @@ netsnmp_openssl_cert_get_hash_type(X509
+     if (NULL == ocert)
+         return 0;
+ 
+-    return _nid2ht(OBJ_obj2nid(ocert->sig_alg->algorithm));
++    return _nid2ht(X509_get_signature_nid(ocert));
+ }
+ 
+ /**
+@@ -487,7 +487,7 @@ netsnmp_openssl_cert_get_fingerprint(X50
+     if (NULL == ocert)
+         return NULL;
+ 
+-    nid = OBJ_obj2nid(ocert->sig_alg->algorithm);
++    nid = X509_get_signature_nid(ocert);
+     DEBUGMSGT(("9:openssl:fingerprint", "alg %d, cert nid %d (%d)\n", alg, nid,
+                _nid2ht(nid)));
+         
+diff -urNp old/win32/net-snmp/net-snmp-config.h new/win32/net-snmp/net-snmp-config.h
+--- old/win32/net-snmp/net-snmp-config.h	2014-12-08 21:23:22.000000000 +0100
++++ new/win32/net-snmp/net-snmp-config.h	2017-02-20 10:23:20.796778512 +0100
+@@ -1366,11 +1366,11 @@
+ /* Define to 1 if you have the <openssl/aes.h> header file. */
+ #define HAVE_OPENSSL_AES_H 1
+ 
+-/* Define to 1 if you have the `EVP_MD_CTX_create' function. */
+-#define HAVE_EVP_MD_CTX_CREATE 1
++/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
++#define HAVE_EVP_MD_CTX_NEW 1
+ 
+-/* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
+-#define HAVE_EVP_MD_CTX_DESTROY 1
++/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
++#define HAVE_EVP_MD_CTX_FREE 1
+ 
+ /* Define to 1 if you have the `AES_cfb128_encrypt' function. */
+ #define HAVE_AES_CFB128_ENCRYPT 1
+diff -urNp old/win32/net-snmp/net-snmp-config.h.in new/win32/net-snmp/net-snmp-config.h.in
+--- old/win32/net-snmp/net-snmp-config.h.in	2014-12-08 21:23:22.000000000 +0100
++++ new/win32/net-snmp/net-snmp-config.h.in	2017-02-20 10:22:51.348367754 +0100
+@@ -1366,11 +1366,11 @@
+ /* Define to 1 if you have the <openssl/aes.h> header file. */
+ #define HAVE_OPENSSL_AES_H 1
+ 
+-/* Define to 1 if you have the `EVP_MD_CTX_create' function. */
+-#define HAVE_EVP_MD_CTX_CREATE 1
++/* Define to 1 if you have the `EVP_MD_CTX_new' function. */
++#define HAVE_EVP_MD_CTX_NEW 1
+ 
+-/* Define to 1 if you have the `EVP_MD_CTX_destroy' function. */
+-#define HAVE_EVP_MD_CTX_DESTROY 1
++/* Define to 1 if you have the `EVP_MD_CTX_free' function. */
++#define HAVE_EVP_MD_CTX_FREE 1
+ 
+ /* Define to 1 if you have the `AES_cfb128_encrypt' function. */
+ #define HAVE_AES_CFB128_ENCRYPT 1
diff --git a/source/n/net-snmp/net-snmp.SlackBuild b/source/n/net-snmp/net-snmp.SlackBuild
index 864fdd5a5..b44a00424 100755
--- a/source/n/net-snmp/net-snmp.SlackBuild
+++ b/source/n/net-snmp/net-snmp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2014  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2014, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=net-snmp
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-8}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,7 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
@@ -58,9 +66,19 @@ fi
 cd $TMP
 rm -rf ${PKGNAM}-${VERSION}
 tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1
-cd ${PKGNAM}-$VERSION
+cd ${PKGNAM}-$VERSION || exit 1
 
 zcat $CWD/net-snmp.net-snmp-create-v3-user.etc.snmpd.conf.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/net-snmp-5.7.3-Fix-Makefile-PL.patch.gz | patch -p1 --verbose || exit 1
+
+# Replace a typedef that conflicts with perl:
+zcat $CWD/net-snmp-5.7.3-Remove-U64-typedef.patch.gz | patch -p1 --verbose || exit 1
+
+# Add support for mariadb:
+zcat $CWD/net-snmp-5.7.3-mariadb-10.2.8.diff.gz | patch -p1 --verbose || exit 1
+
+# Support OpenSSL-1.1.x:
+zcat $CWD/net-snmp-5.7.3-openssl.patch.gz | patch -p1 --verbose || exit 1
 
 # Make sure ownerships and permissions are sane:
 chown -R root:root .
@@ -85,6 +103,7 @@ CFLAGS="$SLKCFLAGS" \
   --disable-debugging \
   --enable-static=no \
   --with-libwrap \
+  --with-mysql \
   --with-perl-modules \
   --with-default-snmp-version=3 \
   --with-sys-contact="root@example.org" \
@@ -103,6 +122,9 @@ CFLAGS="$SLKCFLAGS" \
 make INSTALLDIRS=vendor || exit 1
 make install INSTALLDIRS=vendor DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 # Evidently --mandir=/usr/man doesn't catch everything...
 if [ -d $PKG/usr/share/man/man3 ]; then
   mkdir -p $PKG/usr/man/man3
diff --git a/source/n/net-snmp/slack-desc b/source/n/net-snmp/slack-desc
index 4c2723861..eb13539d3 100644
--- a/source/n/net-snmp/slack-desc
+++ b/source/n/net-snmp/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/net-tools/get-net-tools.sh b/source/n/net-tools/get-net-tools.sh
new file mode 100755
index 000000000..22e4f4bbd
--- /dev/null
+++ b/source/n/net-tools/get-net-tools.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+# Copyright 2017  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# Pull a stable branch + patches
+BRANCH=${1:-master}
+
+# Clear download area:
+rm -rf net-tools
+
+# Clone repository:
+git clone git://net-tools.git.sourceforge.net/gitroot/net-tools/net-tools/
+
+# checkout $BRANCH:
+( cd net-tools 
+  git checkout $BRANCH || exit 1
+)
+
+HEADISAT="$( cd net-tools && git log -1 --format=%h )"
+DATE="$( cd net-tools && git log -1 --format=%ad --date=format:%Y%m%d )"
+# Cleanup.  We're not packing up the whole git repo.
+( cd net-tools && find . -type d -name ".git*" -exec rm -rf {} \; 2> /dev/null )
+mv net-tools net-tools-${DATE}_${HEADISAT}
+tar cf net-tools-${DATE}_${HEADISAT}.tar net-tools-${DATE}_${HEADISAT}
+xz -9 -f net-tools-${DATE}_${HEADISAT}.tar
+rm -rf net-tools-${DATE}_${HEADISAT}
+echo
+echo "net-tools branch $BRANCH with HEAD at $HEADISAT packaged as net-tools-${DATE}_${HEADISAT}.tar.xz"
+echo
+
diff --git a/source/n/net-tools/ipmask.8 b/source/n/net-tools/ipmask.8
index 2f9815010..ee85f74ce 100644
--- a/source/n/net-tools/ipmask.8
+++ b/source/n/net-tools/ipmask.8
@@ -12,7 +12,6 @@
 ipmask \- determine network and broadcast addresses given a decimal netmask and IP address.
 .SH SYNOPSIS
 .B ipmask <decimal netmask> <decimal IP address>
-.BI packagename
 .SH DESCRIPTION
 .B ipmask
 is a simple program to calculate broadcast and network addresses from a decimal netmask and a decimal IP address.  It is used in the Slackware networking script /etc/rc.d/rc.inet1, and in the netconfig script.
diff --git a/source/n/net-tools/net-tools.SlackBuild b/source/n/net-tools/net-tools.SlackBuild
index ce08001da..c4a15f183 100755
--- a/source/n/net-tools/net-tools.SlackBuild
+++ b/source/n/net-tools/net-tools.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2012  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,22 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=net-tools
-VERSION=${VERSION:-1.60.20120726git}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 rm -rf $PKG
@@ -43,8 +51,8 @@ mkdir -p $TMP $PKG
 
 if [ "$ARCH" = "i386" ]; then
   SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
-elif [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -68,18 +76,20 @@ find . \
   -exec chmod 644 {} \;
 
 mkdir -p $PKG/usr/doc/net-tools-$VERSION
-cp -a COPYING* README* $PKG/usr/doc/net-tools-$VERSION
+cp -a \
+  COPYING* INSTALLING README* THANKS TODO \
+  $PKG/usr/doc/net-tools-$VERSION
 chmod 644 $PKG/usr/doc/net-tools-$VERSION/*
 chown root:root $PKG/usr/doc/net-tools-$VERSION/*
-HAVE_IP_TOOLS=1 HAVE_MII=1 make || exit 1
-HAVE_IP_TOOLS=1 HAVE_MII=1 make hostname || exit 1
+HAVE_FW_MASQUERADE=1 HAVE_ARP_TOOLS=1 HAVE_HOSTNAME_TOOLS=1 \
+  HAVE_HOSTNAME_SYMLINKS=1 HAVE_IP_TOOLS=1 HAVE_MII=1 \
+  HAVE_PLIP_TOOLS=1 HAVE_SERIAL_TOOLS=1 make || exit 1
 strip --strip-unneeded ipmaddr iptunnel hostname arp ifconfig nameif rarp route netstat plipconfig slattach mii-tool
 mkdir -p $PKG/sbin $PKG/bin $PKG/usr/sbin
 cat arp > $PKG/sbin/arp
 cat ifconfig > $PKG/sbin/ifconfig
 cat rarp > $PKG/sbin/rarp
 cat route > $PKG/sbin/route
-cat hostname > $PKG/bin/hostname
 cat mii-tool > $PKG/sbin/mii-tool
 cat nameif > $PKG/sbin/nameif
 cat netstat > $PKG/bin/netstat
@@ -90,20 +100,11 @@ cat iptunnel > $PKG/sbin/iptunnel
 chmod 755 $PKG/sbin/* $PKG/bin/* $PKG/usr/sbin/*
 cd man/en_US
 mkdir -p $PKG/usr/man/man{1,5,8}
-for page in dnsdomainname.1 domainname.1 hostname.1 nisdomainname.1 \
-  ypdomainname.1 ; do
-  cat $page | gzip -9c > $PKG/usr/man/man1/$page.gz
-done
 cat ethers.5 | gzip -9c > $PKG/usr/man/man5/ethers.5.gz
 for page in arp.8 ifconfig.8 mii-tool.8 nameif.8 netstat.8 rarp.8 route.8 \
   slattach.8 plipconfig.8 ; do
   cat $page | gzip -9c > $PKG/usr/man/man8/$page.gz
 done
-( cd $PKG/bin
-  ln -sf hostname dnsdomainname
-  ln -sf hostname nisdomainname
-  ln -sf hostname ypdomainname
-)
 
 # This is a little Slackware-specific tool used in some of the network
 # related scripts to calculate network and broadcast addresses:
diff --git a/source/n/net-tools/net-tools.config.h b/source/n/net-tools/net-tools.config.h
index e271f863f..92800ee47 100644
--- a/source/n/net-tools/net-tools.config.h
+++ b/source/n/net-tools/net-tools.config.h
@@ -50,8 +50,8 @@
 #define HAVE_HWSLIP 1
 #define HAVE_HWPPP 1
 #define HAVE_HWTUNNEL 1
-#define HAVE_HWSTRIP 1
-#define HAVE_HWTR 1
+#define HAVE_HWSTRIP 0
+#define HAVE_HWTR 0
 #define HAVE_HWAX25 1
 #define HAVE_HWROSE 0
 #define HAVE_HWNETROM 1
@@ -73,6 +73,11 @@
  * 
  */
 #define HAVE_FW_MASQUERADE 1
+#define HAVE_ARP_TOOLS 1
+#define HAVE_HOSTNAME_TOOLS 1
+#define HAVE_HOSTNAME_SYMLINKS 1
 #define HAVE_IP_TOOLS 1
 #define HAVE_MII 1
+#define HAVE_PLIP_TOOLS 1
+#define HAVE_SERIAL_TOOLS 1
 #define HAVE_SELINUX 0
diff --git a/source/n/net-tools/net-tools.url b/source/n/net-tools/net-tools.url
deleted file mode 100644
index 61da371ec..000000000
--- a/source/n/net-tools/net-tools.url
+++ /dev/null
@@ -1 +0,0 @@
-# git archive --format=tar --remote=git://net-tools.git.sourceforge.net/gitroot/net-tools/net-tools master > net-tools.tar.xz
diff --git a/source/n/net-tools/slack-desc b/source/n/net-tools/slack-desc
index e49909da3..6aa3f9f86 100644
--- a/source/n/net-tools/slack-desc
+++ b/source/n/net-tools/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
-net-tools: net-tools (base Linux networking utilities)
+net-tools: net-tools (Linux networking utilities)
 net-tools:
-net-tools: This is the core collection of tools such as "ifconfig" and "route"
-net-tools: used to configure networking on Linux.  You won't be able to do much
-net-tools: networking without this package and the network-scripts.
+net-tools: This is a collection of traditional tools such as "ifconfig" and
+net-tools: "route" that were used to configure networking on Linux. While you can
+net-tools: still make use of these tools today, they have been largely superseded
+net-tools: by newer tools such as "ip", "ifrename", and "ethtool".
 net-tools:
 net-tools: The net-tools package was maintained for many years by Phil Blundell
 net-tools: and Bernd Eckenfels.
 net-tools:
 net-tools:
-net-tools:
diff --git a/source/n/netatalk/netatalk.SlackBuild b/source/n/netatalk/netatalk.SlackBuild
index e3bed0c90..8a8858016 100755
--- a/source/n/netatalk/netatalk.SlackBuild
+++ b/source/n/netatalk/netatalk.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2012, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2012, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netatalk
 VERSION=${VERSION:-$(echo netatalk-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-6}
+BUILD=${BUILD:-7}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netatalk
 rm -rf $PKG
@@ -83,11 +92,14 @@ CPPFLAGS="-D_IPP_PRIVATE_STRUCTURES" \
   --disable-static \
   --with-shadow \
   --enable-ddp \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" \
   | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
diff --git a/source/n/netatalk/slack-desc b/source/n/netatalk/slack-desc
index 8c03df863..daa2997ad 100644
--- a/source/n/netatalk/slack-desc
+++ b/source/n/netatalk/slack-desc
@@ -1,14 +1,14 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 netatalk: netatalk (Appletalk file and print server)
 netatalk:
-netatalk: Netatalk is an Appletalk file and print server for Linux.  Using 
+netatalk: Netatalk is an Appletalk file and print server for Linux. Using 
 netatalk: Netatalk, Macintosh computers on your local network can mount Linux 
 netatalk: volumes as if they were standard Appletalk network drives, and can
 netatalk: print to the Linux box's printer as if it were a network printer
diff --git a/source/n/netdate/netdate.SlackBuild b/source/n/netdate/netdate.SlackBuild
index f2fbe6a42..54ed0eb06 100755
--- a/source/n/netdate/netdate.SlackBuild
+++ b/source/n/netdate/netdate.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netdate
 VERSION=bsd4
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netdate
 rm -rf $PKG
diff --git a/source/n/netdate/slack-desc b/source/n/netdate/slack-desc
index c329eb333..894852d99 100644
--- a/source/n/netdate/slack-desc
+++ b/source/n/netdate/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
@@ -10,10 +10,10 @@ netdate: netdate (simple network time utility)
 netdate:
 netdate: Netdate takes a list of names of Internet hosts as arguments, selects
 netdate: the one which supplies the best time, and sets the system time
-netdate: accordingly.  The invoker must be the super-user for the time to be
-netdate: set.  Protocol names (either udp or tcp) may be interspersed with the
+netdate: accordingly. The invoker must be the super-user for the time to be
+netdate: set. Protocol names (either udp or tcp) may be interspersed with the
 netdate: host names, and determine the protocol which will be used to connect
 netdate: to the hosts whose names follow, up to the next protocol name or the
-netdate: end of the arguments.  The default protocol is udp.
+netdate: end of the arguments. The default protocol is udp.
 netdate:
 netdate: These days, "ntpdate" is probably a better choice.
diff --git a/source/n/netkit-bootparamd/netkit-bootparamd.SlackBuild b/source/n/netkit-bootparamd/netkit-bootparamd.SlackBuild
index 64cfafdf1..a5ac3f8bb 100755
--- a/source/n/netkit-bootparamd/netkit-bootparamd.SlackBuild
+++ b/source/n/netkit-bootparamd/netkit-bootparamd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-bootparamd
 VERSION=0.17
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-bootparamd
 
diff --git a/source/n/netkit-bootparamd/slack-desc b/source/n/netkit-bootparamd/slack-desc
index 985aab132..b732fa637 100644
--- a/source/n/netkit-bootparamd/slack-desc
+++ b/source/n/netkit-bootparamd/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                  |-----handy-ruler------------------------------------------------------|
 netkit-bootparamd: netkit-bootparamd (boot parameter server)
 netkit-bootparamd:
 netkit-bootparamd: This package provides rpc.bootparamd and callbootd, programs used to
-netkit-bootparamd: provide information to diskless clients so they can boot.  It is
+netkit-bootparamd: provide information to diskless clients so they can boot. It is
 netkit-bootparamd: used primarily to allow a Linux server to boot a Sun machine using
 netkit-bootparamd: SunOS bootparam.
 netkit-bootparamd:
diff --git a/source/n/netkit-ftp/netkit-ftp.SlackBuild b/source/n/netkit-ftp/netkit-ftp.SlackBuild
index f71e5ab63..0dd29e6fe 100755
--- a/source/n/netkit-ftp/netkit-ftp.SlackBuild
+++ b/source/n/netkit-ftp/netkit-ftp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-ftp
 VERSION=0.17
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-ftp
 
diff --git a/source/n/netkit-ftp/slack-desc b/source/n/netkit-ftp/slack-desc
index a201e8080..060f33a74 100644
--- a/source/n/netkit-ftp/slack-desc
+++ b/source/n/netkit-ftp/slack-desc
@@ -1,18 +1,18 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
           |-----handy-ruler------------------------------------------------------|
 netkit-ftp: netkit-ftp (the old BSD FTP client)
 netkit-ftp:
 netkit-ftp: Ftp is the user interface to the Internet standard File Transfer
-netkit-ftp: Protocol.  The program allows a user to transfer files to and from a
+netkit-ftp: Protocol. The program allows a user to transfer files to and from a
 netkit-ftp: remote network site.
 netkit-ftp:
-netkit-ftp: This is a program of mostly historical value.  For a more powerful
+netkit-ftp: This is a program of mostly historical value. For a more powerful
 netkit-ftp: command-line FTP client, look at something like lftp.
 netkit-ftp:
 netkit-ftp:
diff --git a/source/n/netkit-ntalk/netkit-ntalk.SlackBuild b/source/n/netkit-ntalk/netkit-ntalk.SlackBuild
index 9b41fa2d6..a3120b08a 100755
--- a/source/n/netkit-ntalk/netkit-ntalk.SlackBuild
+++ b/source/n/netkit-ntalk/netkit-ntalk.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-ntalk
 VERSION=0.17
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-5}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-ntalk
 
diff --git a/source/n/netkit-ntalk/slack-desc b/source/n/netkit-ntalk/slack-desc
index 97b9d8c72..8881e711e 100644
--- a/source/n/netkit-ntalk/slack-desc
+++ b/source/n/netkit-ntalk/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
 netkit-ntalk: netkit-ntalk (talk client and talkd daemon)
 netkit-ntalk:
 netkit-ntalk: talk and talkd are the BSD communication client server system for
-netkit-ntalk: the command line.  "talk" is the client that asks another user to
+netkit-ntalk: the command line. "talk" is the client that asks another user to
 netkit-ntalk: respond; and "in.talkd" is the server that notifies a user that
 netkit-ntalk: someone else wants to initiate a conversation.
 netkit-ntalk:
diff --git a/source/n/netkit-routed/netkit-routed.SlackBuild b/source/n/netkit-routed/netkit-routed.SlackBuild
index 8881ba418..806f85f7b 100755
--- a/source/n/netkit-routed/netkit-routed.SlackBuild
+++ b/source/n/netkit-routed/netkit-routed.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-routed
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-routed
 
diff --git a/source/n/netkit-routed/slack-desc b/source/n/netkit-routed/slack-desc
index b6d69fcd6..28e60fdf0 100644
--- a/source/n/netkit-routed/slack-desc
+++ b/source/n/netkit-routed/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
              |-----handy-ruler------------------------------------------------------|
@@ -15,5 +15,5 @@ netkit-routed: It used a generalized protocol capable of use with multiple addre
 netkit-routed: types, but is currently used only for Internet routing within a
 netkit-routed: cluster of networks.
 netkit-routed:
-netkit-routed: Fair warning:  routed is no longer maintained and may be insecure.
+netkit-routed: Fair warning: routed is no longer maintained and may be insecure.
 netkit-routed:
diff --git a/source/n/netkit-rsh/netkit-rsh.SlackBuild b/source/n/netkit-rsh/netkit-rsh.SlackBuild
index ee1e8ce54..d4f78e0a3 100755
--- a/source/n/netkit-rsh/netkit-rsh.SlackBuild
+++ b/source/n/netkit-rsh/netkit-rsh.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-rsh
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-rsh
 
@@ -45,11 +54,14 @@ echo "+=================+"
 echo "| netkit-rsh-$VERSION |"
 echo "+=================+"
 cd $TMP
-tar xzvf $CWD/netkit-rsh-$VERSION.tar.gz
-cd netkit-rsh-$VERSION
+tar xvf $CWD/netkit-rsh-$VERSION.tar.gz || exit 1
+cd netkit-rsh-$VERSION || exit 1
+zcat $CWD/netkit-rsh.arg_max.diff.gz | patch -p1 -l --verbose || exit 1
+zcat $CWD/netkit-rsh.union_wait.diff.gz | patch -p1 -l --verbose || exit 1
+zcat $CWD/netkit-rsh.auth.c.stddef.diff.gz | patch -p1 -l --verbose || exit 1
 chown -R root:root .
-./configure --prefix=/usr
-make
+./configure --prefix=/usr || exit 1
+make || exit 1
 cd rsh
 strip rsh
 mkdir -p $PKG/usr/bin
diff --git a/source/n/netkit-rsh/netkit-rsh.arg_max.diff b/source/n/netkit-rsh/netkit-rsh.arg_max.diff
new file mode 100644
index 000000000..849f7c4cc
--- /dev/null
+++ b/source/n/netkit-rsh/netkit-rsh.arg_max.diff
@@ -0,0 +1,71 @@
+--- ./rshd/rshd.c.orig	2000-07-22 23:16:24.000000000 -0500
++++ ./rshd/rshd.c	2018-04-10 02:02:57.995981067 -0500
+@@ -331,7 +331,8 @@
+ static void
+ doit(struct sockaddr_in *fromp)
+ {
+-	char cmdbuf[ARG_MAX+1];
++       char *cmdbuf;
++       long cmdbuflen;
+ 	const char *theshell, *shellname;
+ 	char locuser[16], remuser[16];
+ 	struct passwd *pwd;
+@@ -340,6 +341,18 @@
+ 	u_short port;
+ 	int pv[2], pid, ifd;
+ 
++       cmdbuflen = sysconf (_SC_ARG_MAX);
++       if (!(cmdbuflen > 0)) {
++               syslog (LOG_ERR, "sysconf (_SC_ARG_MAX) failed");
++               exit (1);
++       }
++
++       cmdbuf = malloc (++cmdbuflen);
++       if (cmdbuf == NULL) {
++               syslog (LOG_ERR, "Could not allocate space for cmdbuf");
++               exit (1);
++       }
++
+ 	signal(SIGINT, SIG_DFL);
+ 	signal(SIGQUIT, SIG_DFL);
+ 	signal(SIGTERM, SIG_DFL);
+--- ./rexecd/rexecd.c.orig	2000-07-22 23:16:22.000000000 -0500
++++ ./rexecd/rexecd.c	2018-04-10 02:04:52.629979848 -0500
+@@ -223,7 +223,8 @@
+ static void
+ doit(struct sockaddr_in *fromp)
+ {
+-	char cmdbuf[ARG_MAX+1];
++	char *cmdbuf;
++	long cmdbuflen;
+ 	char user[16], pass[16];
+ 	struct passwd *pwd;
+ 	int s = -1;
+@@ -242,6 +243,18 @@
+ #endif
+ #endif /* USE_PAM */
+ 
++       cmdbuflen = sysconf (_SC_ARG_MAX);
++       if (!(cmdbuflen > 0)) {
++               syslog (LOG_ERR, "sysconf (_SC_ARG_MAX) failed");
++               fatal ("sysconf (_SC_ARG_MAX) failed\n");
++       }
++
++       cmdbuf = malloc (++cmdbuflen);
++       if (cmdbuf == NULL) {
++               syslog (LOG_ERR, "Could not allocate space for cmdbuf");
++               fatal ("Could not allocate space for cmdbuf\n");
++       }
++
+ 	signal(SIGINT, SIG_DFL);
+ 	signal(SIGQUIT, SIG_DFL);
+ 	signal(SIGTERM, SIG_DFL);
+@@ -291,7 +304,7 @@
+ 
+ 	getstr(user, sizeof(user), "username too long\n");
+ 	getstr(pass, sizeof(pass), "password too long\n");
+-	getstr(cmdbuf, sizeof(cmdbuf), "command too long\n");
++       getstr(cmdbuf, cmdbuflen, "command too long\n");
+ #ifdef USE_PAM
+        #define PAM_BAIL if (pam_error != PAM_SUCCESS) { \
+ 	       pam_end(pamh, pam_error); exit(1); \
diff --git a/source/n/netkit-rsh/netkit-rsh.auth.c.stddef.diff b/source/n/netkit-rsh/netkit-rsh.auth.c.stddef.diff
new file mode 100644
index 000000000..e6095f61d
--- /dev/null
+++ b/source/n/netkit-rsh/netkit-rsh.auth.c.stddef.diff
@@ -0,0 +1,10 @@
+--- ./rlogind/auth.c.orig	2000-01-05 21:26:21.000000000 -0600
++++ ./rlogind/auth.c	2018-04-10 02:19:01.197970828 -0500
+@@ -33,6 +33,7 @@
+ 
+ #include <sys/types.h>
+ #include <pwd.h>
++#include <stddef.h>
+ 
+ #include "rlogind.h"
+ 
diff --git a/source/n/netkit-rsh/netkit-rsh.union_wait.diff b/source/n/netkit-rsh/netkit-rsh.union_wait.diff
new file mode 100644
index 000000000..f6a961110
--- /dev/null
+++ b/source/n/netkit-rsh/netkit-rsh.union_wait.diff
@@ -0,0 +1,20 @@
+--- ./rlogin/rlogin.c.orig	2000-07-22 23:16:22.000000000 -0500
++++ ./rlogin/rlogin.c	2018-04-10 02:10:07.255976504 -0500
+@@ -420,7 +420,7 @@
+ void
+ catch_child(int ignore)
+ {
+-	union wait status;
++	int status;
+ 	int pid;
+ 
+ 	(void)ignore;
+@@ -431,7 +431,7 @@
+ 			return;
+ 		/* if the child (reader) dies, just quit */
+ 		if (pid < 0 || (pid == childpid && !WIFSTOPPED(status)))
+-			done((int)(status.w_termsig | status.w_retcode));
++			done((int)(WTERMSIG(status) | WEXITSTATUS(status)));
+ 	}
+ 	/* NOTREACHED */
+ }
diff --git a/source/n/netkit-rsh/slack-desc b/source/n/netkit-rsh/slack-desc
index 8b5b7dc28..66013985c 100644
--- a/source/n/netkit-rsh/slack-desc
+++ b/source/n/netkit-rsh/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
           |-----handy-ruler------------------------------------------------------|
 netkit-rsh: netkit-rsh (the BSD rsh/rcp/rlogin clients and daemon)
 netkit-rsh:
-netkit-rsh: The old BSD rsh suite.  Note that none of these programs provide
-netkit-rsh: encryption or strong authentication of network connections.  As such,
-netkit-rsh: their use is discouraged.  The "ssh" protocol and package is a
+netkit-rsh: The old BSD rsh suite. Note that none of these programs provide
+netkit-rsh: encryption or strong authentication of network connections. As such,
+netkit-rsh: their use is discouraged. The "ssh" protocol and package is a
 netkit-rsh: cryptographically secure replacement.
 netkit-rsh:
 netkit-rsh:
diff --git a/source/n/netkit-rusers/netkit-rusers.SlackBuild b/source/n/netkit-rusers/netkit-rusers.SlackBuild
index b8b79fb64..9a8eb7c3d 100755
--- a/source/n/netkit-rusers/netkit-rusers.SlackBuild
+++ b/source/n/netkit-rusers/netkit-rusers.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-rusers
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-rusers
 
diff --git a/source/n/netkit-rusers/slack-desc b/source/n/netkit-rusers/slack-desc
index f3719be14..67252f781 100644
--- a/source/n/netkit-rusers/slack-desc
+++ b/source/n/netkit-rusers/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
              |-----handy-ruler------------------------------------------------------|
 netkit-rusers: netkit-rusers (show users logged in to machines on local network)
 netkit-rusers:
 netkit-rusers: The rusers command produces output similar to who, but for the list
-netkit-rusers: of hosts or all machines on the local network.  For each host
+netkit-rusers: of hosts or all machines on the local network. For each host
 netkit-rusers: responding to the rusers query, the hostname with the names of the
-netkit-rusers: users currently logged on is printed on each line.  The rusers
+netkit-rusers: users currently logged on is printed on each line. The rusers
 netkit-rusers: command will wait for one minute to catch late responders.
 netkit-rusers:
-netkit-rusers: Portmap and rpc.rusersd must be running on remote machines.  Should
+netkit-rusers: Portmap and rpc.rusersd must be running on remote machines. Should
 netkit-rusers: probably be considered insecure (or at least ill-advised) on public
 netkit-rusers: networks.
diff --git a/source/n/netkit-rwall/netkit-rwall.SlackBuild b/source/n/netkit-rwall/netkit-rwall.SlackBuild
index 5561e4fe9..7a2105698 100755
--- a/source/n/netkit-rwall/netkit-rwall.SlackBuild
+++ b/source/n/netkit-rwall/netkit-rwall.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-rwall
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-rwall
 
diff --git a/source/n/netkit-rwall/slack-desc b/source/n/netkit-rwall/slack-desc
index efcd6842a..5274aa737 100644
--- a/source/n/netkit-rwall/slack-desc
+++ b/source/n/netkit-rwall/slack-desc
@@ -1,18 +1,18 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
 netkit-rwall: netkit-rwall (send a message to all users)
 netkit-rwall:
 netkit-rwall: The rwall command sends a message to the users logged into the
-netkit-rwall: specified host.  The message to be sent can be typed in and
+netkit-rwall: specified host. The message to be sent can be typed in and
 netkit-rwall: terminated with EOF or it can be in a file.
 netkit-rwall:
-netkit-rwall: Run the rpc.rwalld daemon with caution.  It may be insecure.
+netkit-rwall: Run the rpc.rwalld daemon with caution. It may be insecure.
 netkit-rwall:
 netkit-rwall: The rwall command appeared in SunOS.
 netkit-rwall:
diff --git a/source/n/netkit-rwho/netkit-rwho.SlackBuild b/source/n/netkit-rwho/netkit-rwho.SlackBuild
index e4ba49b25..c4578a259 100755
--- a/source/n/netkit-rwho/netkit-rwho.SlackBuild
+++ b/source/n/netkit-rwho/netkit-rwho.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,20 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=netkit-rwho
 VERSION=0.17
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-rwho
 
@@ -47,6 +57,7 @@ cd netkit-rwho-$VERSION
 chown -R root:root .
 zcat $CWD/netkit-rwho-0.17.diff.gz | patch -p1 || exit
 zcat $CWD/rwhod_getloadavg.diff.gz | patch -p0 || exit
+sed -i "s/getloadavg/rwho_getloadavg/g" rwhod/rwhod.c
 ./configure --prefix=/usr
 make || exit 1
 cd rwho
diff --git a/source/n/netkit-rwho/slack-desc b/source/n/netkit-rwho/slack-desc
index 22e21eff9..62952bc4e 100644
--- a/source/n/netkit-rwho/slack-desc
+++ b/source/n/netkit-rwho/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
            |-----handy-ruler------------------------------------------------------|
 netkit-rwho: netkit-rwho (who is logged in on local machines)
 netkit-rwho:
 netkit-rwho: The rwho command produces output similar to who, but for all machines
-netkit-rwho: on the local network.  If no report has been received from a machine
+netkit-rwho: on the local network. If no report has been received from a machine
 netkit-rwho: for 11 minutes then rwho assumes the machine is down, and does not
-netkit-rwho: report users last known to be logged into that machine.  If a users
+netkit-rwho: report users last known to be logged into that machine. If a users
 netkit-rwho: hasn't typed to the system for a minute or more, then rwho reports
-netkit-rwho: this idle time.  If a user hasn't typed to the system for an hour or
+netkit-rwho: this idle time. If a user hasn't typed to the system for an hour or
 netkit-rwho: more, then the user will be omitted from the output of rwho unless
 netkit-rwho: the -a flag is given.
 netkit-rwho:
diff --git a/source/n/netkit-timed/netkit-timed.SlackBuild b/source/n/netkit-timed/netkit-timed.SlackBuild
index bd511e30c..10edab0e7 100755
--- a/source/n/netkit-timed/netkit-timed.SlackBuild
+++ b/source/n/netkit-timed/netkit-timed.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netkit-timed
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netkit-timed
 
diff --git a/source/n/netkit-timed/slack-desc b/source/n/netkit-timed/slack-desc
index 9c67406b0..3f8f851f0 100644
--- a/source/n/netkit-timed/slack-desc
+++ b/source/n/netkit-timed/slack-desc
@@ -1,14 +1,14 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
 netkit-timed: netkit-timed (time server daemon)
 netkit-timed:
-netkit-timed: This is an early BSD time server daemon.  While ntpd is better for
+netkit-timed: This is an early BSD time server daemon. While ntpd is better for
 netkit-timed: most purposes, this might be useful for secure networks or embedded
 netkit-timed: systems in need of something more lightweight.
 netkit-timed:
diff --git a/source/n/netpipes/netpipes.SlackBuild b/source/n/netpipes/netpipes.SlackBuild
index 17d81bbb5..22b04f9f7 100755
--- a/source/n/netpipes/netpipes.SlackBuild
+++ b/source/n/netpipes/netpipes.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netpipes
 VERSION=4.2
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netpipes
 rm -rf $PKG
diff --git a/source/n/netpipes/slack-desc b/source/n/netpipes/slack-desc
index 3fe01b874..367b77561 100644
--- a/source/n/netpipes/slack-desc
+++ b/source/n/netpipes/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 netpipes: netpipes (TCP/IP pipe utilities)
 netpipes:
 netpipes: Robert Forsman's netpipes package makes TCP/IP streams usable in shell
-netpipes: scripts.  It can also simplify client/server code by allowing the 
+netpipes: scripts. It can also simplify client/server code by allowing the 
 netpipes: programmer to skip all the tedious programming bits related to sockets
-netpipes: and concentrate on writing a filter/service.  Here's an example of
+netpipes: and concentrate on writing a filter/service. Here's an example of
 netpipes: what you can do with 'faucet' and 'hose', two netpipes commands:
 netpipes: 
 netpipes: server$ faucet 3000 -out tar cf - .
diff --git a/source/n/nettle/nettle.SlackBuild b/source/n/nettle/nettle.SlackBuild
index b938c6426..3934f727e 100755
--- a/source/n/nettle/nettle.SlackBuild
+++ b/source/n/nettle/nettle.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for nettle
 
@@ -22,9 +22,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=nettle
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:--j6}
 
@@ -36,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
diff --git a/source/n/nettle/slack-desc b/source/n/nettle/slack-desc
index 159c77de3..e6e418b59 100644
--- a/source/n/nettle/slack-desc
+++ b/source/n/nettle/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
       |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/netwatch/netwatch.SlackBuild b/source/n/netwatch/netwatch.SlackBuild
index 40338d61b..93b137423 100755
--- a/source/n/netwatch/netwatch.SlackBuild
+++ b/source/n/netwatch/netwatch.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,12 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netwatch
 VERSION=1.3.1
 EXTRAVERSION=${EXTRAVERSION:-2}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,6 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-${VERSION}_${EXTRAVERSION}-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -47,7 +57,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netwatch
 rm -rf $PKG
@@ -76,13 +85,13 @@ CXXFLAGS="$SLKCFLAGS" \
   --localstatedir=/var \
   --mandir=/usr/man \
   --infodir=/usr/info \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 # Fix "make install" problem
 zcat $CWD/netwatch.makefile.diff.gz | patch -p0 --verbose || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
 
 # Strip binaries and libraries
 find $PKG | xargs file | grep -e "executable" -e "shared object" \
diff --git a/source/n/netwatch/slack-desc b/source/n/netwatch/slack-desc
index a9cd4b816..112d2a3de 100644
--- a/source/n/netwatch/slack-desc
+++ b/source/n/netwatch/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/network-scripts/0001-no_hostname_in_networkmanager_conf.diff b/source/n/network-scripts/0001-no_hostname_in_networkmanager_conf.diff
new file mode 100644
index 000000000..8ce7600c6
--- /dev/null
+++ b/source/n/network-scripts/0001-no_hostname_in_networkmanager_conf.diff
@@ -0,0 +1,13 @@
+--- ./netconfig.orig	2017-11-26 13:34:37.652627697 -0600
++++ ./netconfig	2018-02-15 20:01:26.844174383 -0600
+@@ -362,10 +362,6 @@
+ 
+ # Write the hostname with domain to /etc/HOSTNAME:
+ echo $HOSTNM.$DOMAIN > etc/HOSTNAME
+-# Also make sure the hostname is written to /etc/NetworkManager/NetworkManager.conf:
+-if [ -w etc/NetworkManager/NetworkManager.conf ]; then
+-  sed -i "s/^hostname=.*$/hostname=$HOSTNM/g" etc/NetworkManager/NetworkManager.conf
+-fi
+ 
+ dialog --title "CONFIGURATION TYPE FOR '$HOSTNM.$DOMAIN'" \
+ --default-item DHCP \
diff --git a/source/n/network-scripts/0002-set_broadcast_address_and_flush_ip_after_if_down.diff b/source/n/network-scripts/0002-set_broadcast_address_and_flush_ip_after_if_down.diff
new file mode 100644
index 000000000..e963115d8
--- /dev/null
+++ b/source/n/network-scripts/0002-set_broadcast_address_and_flush_ip_after_if_down.diff
@@ -0,0 +1,22 @@
+--- ./rc.inet1.orig	2017-11-26 22:48:14.650274588 -0600
++++ ./rc.inet1	2018-02-15 20:42:45.731997047 -0600
+@@ -215,8 +215,8 @@
+       else # bring up interface using a static IP address
+         if [ -n "${IPADDR[$i]}" ]; then # skip unconfigured interfaces
+           # Set up the network card:
+-          echo "/etc/rc.d/rc.inet1:  /sbin/ip address add ${IPADDR[$i]}/${NETMASK[$i]} dev ${1}" | $LOGGER
+-          /sbin/ip address add ${IPADDR[$i]}/${NETMASK[$i]} dev ${1}
++          echo "/etc/rc.d/rc.inet1:  /sbin/ip address add ${IPADDR[$i]}/${NETMASK[$i]} broadcast + dev ${1}" | $LOGGER
++          /sbin/ip address add ${IPADDR[$i]}/${NETMASK[$i]} broadcast + dev ${1}
+           if /sbin/ip link show dev ${1} | grep -wq "state DOWN" ; then
+             /sbin/ip link set dev ${1} up  # Bring up interface
+           fi
+@@ -268,6 +268,8 @@
+     if [ -n "${BRNICS[$i]}" ]; then
+       br_close $i
+     fi
++    # Flush the address from the interface:
++    ip address flush dev ${1}
+   fi
+ }
+ 
diff --git a/source/n/network-scripts/0003-netconfig-typos-and-set-NM-default.diff b/source/n/network-scripts/0003-netconfig-typos-and-set-NM-default.diff
new file mode 100644
index 000000000..cd6bf2cc3
--- /dev/null
+++ b/source/n/network-scripts/0003-netconfig-typos-and-set-NM-default.diff
@@ -0,0 +1,165 @@
+--- ./netconfig.orig	2018-02-21 21:21:31.000000000 -0600
++++ ./netconfig	2018-04-12 14:07:10.137023035 -0500
+@@ -11,7 +11,7 @@
+ #
+ 
+ # If we're doing loopback, we don't want 127.0.0.1 and 255.255.255.0 in
+-# rc.inet1.conf... it's better to leave the values null.  However, since
++# rc.inet1.conf... it's better to leave the values null. However, since
+ # we use the IP in other places, we need to make a copy for here.
+ RCIPCOPY=$IPADDR
+ RCMASKCOPY=$NETMASK
+@@ -68,7 +68,7 @@
+ # Default gateway IP address:
+ GATEWAY="$GATEWAY"
+ 
+-# Change this to "yes" for debugging output to stdout.  Unfortunately,
++# Change this to "yes" for debugging output to stdout. Unfortunately,
+ # /sbin/hotplug seems to disable stdout so you'll only see debugging output
+ # when rc.inet1 is called directly.
+ DEBUG_ETH_UP="no"
+@@ -103,8 +103,8 @@
+ #VIRTIFUSER[1]="someuser"
+ #VIRTIFGROUP[1]="somegroup"
+ 
+-## Example config information for wlan0.  Uncomment the lines you need and fill
+-## in your data.  (You may not need all of these for your wireless network)
++## Example config information for wlan0. Uncomment the lines you need and fill
++## in your data. (You may not need all of these for your wireless network)
+ #IFNAME[4]="wlan0"
+ #IPADDR[4]=""
+ #NETMASK[4]=""
+@@ -173,7 +173,7 @@
+ /bin/cat <<EOF >$ETCNETWORKS
+ #
+ # networks	This file describes a number of netname-to-address
+-#		mappings for the TCP/IP subsystem.  It is mostly
++#		mappings for the TCP/IP subsystem. It is mostly
+ #		used at boot time, when no name servers are running.
+ #
+ 
+@@ -192,14 +192,14 @@
+ /bin/cat << EOF > $HOSTS
+ #
+ # hosts		This file describes a number of hostname-to-address
+-#		mappings for the TCP/IP subsystem.  It is mostly
++#		mappings for the TCP/IP subsystem. It is mostly
+ #		used at boot time, when no name servers are running.
+ #		On small systems, this file can be used instead of a
+ #		"named" name server.  Just add the names, addresses
+ #		and any aliases to this file...
+ #
+ # By the way, Arnt Gulbrandsen <agulbra@nvg.unit.no> says that 127.0.0.1
+-# should NEVER be named with the name of the machine.  It causes problems
++# should NEVER be named with the name of the machine. It causes problems
+ # for some (stupid) programs, irc and reputedly talk. :^)
+ #
+ 
+@@ -362,16 +362,21 @@
+ 
+ # Write the hostname with domain to /etc/HOSTNAME:
+ echo $HOSTNM.$DOMAIN > etc/HOSTNAME
++## OBSOLETE with recent NetworkManager:
++## Also make sure the hostname is written to /etc/NetworkManager/NetworkManager.conf:
++#if [ -w etc/NetworkManager/NetworkManager.conf ]; then
++#  sed -i "s/^hostname=.*$/hostname=$HOSTNM/g" etc/NetworkManager/NetworkManager.conf
++#fi
+ 
+ dialog --title "CONFIGURATION TYPE FOR '$HOSTNM.$DOMAIN'" \
+---default-item DHCP \
++--default-item NetworkManager \
+ --menu \
+ "Now we need to know how your machine connects to the network.\n\
+ If you have an internal network card and an assigned IP address, gateway, \
+-and DNS, use the 'static IP' choice to enter these values.  If your IP \
++and DNS, use the 'static IP' choice to enter these values. If your IP \
+ address is assigned by a DHCP server (commonly used by cable modem and DSL \
+-services), select 'DHCP'.  If you do not have a network card, select \
+-the 'loopback' choice.  You may also select 'NetworkManager' if you would \
++services), select 'DHCP'. If you do not have a network card, select \
++the 'loopback' choice. You may also select 'NetworkManager' if you would \
+ like to have the NetworkManager daemon automatically handle your wired and \
+ wireless network interfaces (this is simple and usually works). \
+ Which type of network setup would you like?"  20 70 4 \
+@@ -389,10 +394,10 @@
+ if [ "$REPLY" = "DHCP" ]; then
+   USE_DHCP="yes"
+   dialog --title "SET DHCP HOSTNAME"  --inputbox "Some network providers require \
+-that the DHCP hostname be set in order to connect.  If so, they'll have assigned \
++that the DHCP hostname be set in order to connect. If so, they'll have assigned \
+ a hostname to your machine, which may look something like CC-NUMBER-A (this \
+-depends on your ISP).  If you were assigned a DHCP hostname, please enter it \
+-below.  If you do not have a DHCP hostname, just hit ENTER or Cancel." 13 62 \
++depends on your ISP). If you were assigned a DHCP hostname, please enter it \
++below. If you do not have a DHCP hostname, just hit ENTER or Cancel." 13 62 \
+ 2> $TMP/SeTDHCPHOST
+   NEW_DHCPHOST="`cat $TMP/SeTDHCPHOST`"
+   rm -f $TMP/SeTDHCPHOST
+@@ -442,7 +447,7 @@
+    NETMASK=`cat $TMP/SeTnetmask`
+   fi
+   cat << EOF > $TMP/tempmsg
+-Enter your netmask.  This will generally look something
++Enter your netmask. This will generally look something
+ like this: 255.255.255.0
+ Enter netmask (aaa.bbb.ccc.ddd):
+ EOF
+@@ -556,8 +561,8 @@
+   dialog --title "PROBE FOR NETWORK CARD?" --menu "If you like, we \
+ can look to see what kind of network card you have in your machine, and \
+ if we find one create an /etc/rc.d/rc.netdevice script to load the module \
+-for it at boot time.  There's a slight bit of danger that the probing \
+-can cause problems, but it almost always works.  If you'd rather configure \
++for it at boot time. There's a slight bit of danger that the probing \
++can cause problems, but it almost always works. If you'd rather configure \
+ your system manually, you can skip the probing process and edit \
+ /etc/rc.d/rc.modules or /etc/modules.conf later to have it load the right module." \
+ 16 68 2 \
+@@ -601,7 +606,7 @@
+      fi
+      if [ ! -r /cardfound ]; then
+        dialog --title "NO CARD DETECTED" --msgbox "Sorry, but no network \
+-card could be probed for on your system.  Some cards (like non-PCI NE2000s) \
++card could be probed for on your system. Some cards (like non-PCI NE2000s) \
+ must be supplied with the I/O address to use and can't be probed for safely. \
+ You'll have to try to configure the card later by editing \
+ /etc/rc.d/rc.modules or recompiling your kernel." 9 70
+@@ -621,11 +626,11 @@
+ elif [ "$LOOPBACK" = "yes" -a "$NETWORKMANAGER" = "yes" ]; then
+   dialog --title "NETWORK SETUP COMPLETE" --yesno "Your networking \
+ system is now configured to use NetworkManager for
+-wired and wireless network management.  To set up wireless networks
++wired and wireless network management. To set up wireless networks
+ and view status, add the Network Management control panel widget to
+ your KDE desktop.
+ 
+-Is this correct?  Press 'Yes' to confirm, or 'No' to reconfigure." 0 0
++Is this correct? Press 'Yes' to confirm, or 'No' to reconfigure." 0 0
+   RETVAL=$?
+ elif [ "$USE_DHCP" = "" ]; then
+   while [ 0 ]; do
+@@ -634,8 +639,8 @@
+ --extra-label Edit \
+ --cancel-label Restart \
+ --inputmenu \
+-"These are the settings you have entered.  To accept them and complete \
+-the networking setup, press enter.  If you need to make any changes, you \
++"These are the settings you have entered. To accept them and complete \
++the networking setup, press enter. If you need to make any changes, you \
+ can do that now (or reconfigure later using 'netconfig')." \
+ 22 60 12 \
+ "Hostname:" "$HOSTNM" \
+@@ -692,11 +697,11 @@
+     chmod 755 etc/rc.d/rc.networkmanager
+   fi
+   if [ "$1" = "" ]; then
+-    dialog --msgbox "Settings accepted.  Basic network configuration is complete." 6 40
++    dialog --msgbox "Settings accepted. Basic network configuration is complete." 6 40
+   fi
+ else
+   if [ "$1" = "" ]; then
+-    dialog --msgbox "Settings discarded.  Run the 'netconfig' command again if you need to reconfigure your network settings." 6 60
++    dialog --msgbox "Settings discarded. Run the 'netconfig' command again if you need to reconfigure your network settings." 6 60
+   fi
+ fi
+ 
diff --git a/source/n/network-scripts/README.rc.inet1 b/source/n/network-scripts/README.rc.inet1
deleted file mode 100644
index 5c4a132f1..000000000
--- a/source/n/network-scripts/README.rc.inet1
+++ /dev/null
@@ -1,72 +0,0 @@
-Hi!
-Nice of you to pop by.
-
-==========================================================================
-
-Slackware 10.x replacement rc scripts by Alien.
-
-==========================================================================
-
-PREFACE:
-If you were looking for the 'http://sox.homeip.net/slackware-10.1.IHWhqM'
-URL, a word of advice. The rc.inet1 script that I put up there is still
-available in the subdirectory 'slackware-10.1.IHWhqM' that you'll find
-above.
-However, Pat Volkerding was not happy with the fact that this particular
-script breaks compatibility with older rc.inet1.conf configuration files.
-Therefore, I re-designed the pair of scripts: rc.inet1 and rc.wireless
-so that their configuration files (rc.inet1.conf and rc.wireless
-respectively) remain compatible with the stock Slackware versions.
-The new scripts that you will find here, have much more functionality
-than my first attempts (still kept for reference in the
-slackware-10.1.IHWhqM directory).
-
-So, read on for all the info you'll need about this new stuff......
-
-==========================================================================
-
-NETWORK CARD CONFIGURATION:
-A major complaint with wireless network cards, is that Slackware's
-network configuration does not allow for other interfaces than eth0,
-eth1, etc...
-
-My replacement scripts work fine for network interfaces with other names
-than eth0, etc1, ..... For instance, you can use them if you have a
-wireless interface called wlan0, or ath0, or ra0.
-
-You will need the set of rc.inet1* and rc.wireless* together - you must
-upgrade them all at once (well the *.conf files may stay the same if you
-are still using the stock Slackware scripts).
-
-These new rc scripts will offer support for arbitrary network interface
-names, but also support for WPA encryption using wpa_supplicant.
-For WPA support you must of course install wpa_supplicant too, but
-the sources, build script and Slackware package can be found under
-
-http://sox.homeip.net/slackware/slackbuilds/wpa_supplicant/
-
-Put your WPAPSK (the WPA pre-shared key) in '/etc/wpa_supplicant.conf'
-together with other wireless settings
-- look at '/etc/wpa_supplicant.sample' for inspiration.
-
->>> WEP encryption, naturally, is still supported, like before. <<<
-
-The rc.wireless script must only be run by the rc.inet1 script,
-it is not meant to be run directly by you, the user.
-
-So, to start your wlan0 interface, you run:
-  # /etc/rc.d/rc.inet1 wlan0_start
-and to restart the interface (i.e. stop, and then start again) you do:
-  # /etc/rc.d/rc.inet1 wlan0_restart
-Look at the bottom of rc.inet1.conf for examples of the (many new)
-parameters you can configure for your interfaces.
-
-I would like to receive your comments on how they work for you, so that
-they can hopefully be incorporated into Slackware 11 eventually.
-
-You can contact me in Freenode IRC in ##slackware.
-Look out for alien_ or aloon.
-
-Eric Hameleers <alien -at- sox -dot- homeip -dot- net> / 28-apr-2005 /
-
-==========================================================================
diff --git a/source/n/network-scripts/manpages/rc.inet1.8 b/source/n/network-scripts/manpages/rc.inet1.8
index 9b4d9149a..e78353a05 100644
--- a/source/n/network-scripts/manpages/rc.inet1.8
+++ b/source/n/network-scripts/manpages/rc.inet1.8
@@ -7,7 +7,7 @@
 .ie \\n(.$=0:((0\\$1)*2u>(\\n(.lu-\\n(.iu)) .TP
 .el .TP "\\$1"
 ..
-.TH RC.INET1 8 "03 Dec 2008" "Slackware Version 12.2.0"
+.TH RC.INET1 8 "12 Nov 2017" "Slackware Version 15.0"
 .SH NAME
 rc.inet1 \- Slackware network configuration script.
 .SH DESCRIPTION
@@ -100,11 +100,13 @@ and change the value `6' in the line:
 .br
 to a value that is larger than the largest index value you use.
 .LP
-The /etc/rc.d/rc.wireless script is not meant to be run on it's own by the user!
-.SH AUTHOR
+The /etc/rc.d/rc.wireless script is not meant to be run on its own by the user!
+.SH AUTHORS
+Patrick J. Volkerding <volkerdi@slackware.com>
 Eric Hameleers <alien@slackware.com>
+Robby Workman <rworkman@slackware.com>
 .SH "SEE ALSO"
 .BR rc.inet1.conf(5),
-.BR ifconfig(8),
+.BR ip(8),
 .BR iwconfig(8),
 .BR route(8)
diff --git a/source/n/network-scripts/manpages/rc.inet1.conf.5 b/source/n/network-scripts/manpages/rc.inet1.conf.5
index b23f6783b..1f790c0a4 100644
--- a/source/n/network-scripts/manpages/rc.inet1.conf.5
+++ b/source/n/network-scripts/manpages/rc.inet1.conf.5
@@ -7,7 +7,7 @@
 .ie \\n(.$=0:((0\\$1)*2u>(\\n(.lu-\\n(.iu)) .TP
 .el .TP "\\$1"
 ..
-.TH RC.INET1.CONF 5 "03 Dec 2008" "Slackware Version 12.2.0"
+.TH RC.INET1.CONF 5 "12 Nov 2017" "Slackware Version 15.0"
 .SH NAME
 rc.inet1.conf \- Slackware network configuration file.
 .SH DESCRIPTION
@@ -34,6 +34,8 @@ IPADDR[0]=""
 .br
 NETMASK[0]=""
 .br
+IPALIASES[0]=""
+.br
 USE_DHCP[0]="yes"
 .br
 DHCP_HOSTNAME[0]=""
@@ -45,7 +47,8 @@ has a non-default name (
 .I ath0
 instead of
 .I eth1
-). The array index is [1] in this case.
+), as well as an additional IP address configured on the interface.
+The array index is [1] in this case.
 .LP
 # Config information for ath0 (using static IP address):
 .br
@@ -55,11 +58,50 @@ IPADDR[1]="192.168.3.11"
 .br
 NETMASK[1]="255.255.255.0"
 .br
+IPALIASES[1]="192.168.3.100"
+.br
 USE_DHCP[1]=""
 .br
 DHCP_HOSTNAME[1]=""
 .br
 GATEWAY="192.168.3.1"
+.br
+.SH EXAMPLE VIRTUAL INTERFACE CREATION AND SETUP
+Virtual interfaces are created before any address configuration or bridge 
+setup is done, so you may use these interfaces as IFNAME or BRNICS values.
+These can be tun or tap interfaces: adjust VIRTIFNAME and VIRTIFTYPE as
+needed.
+.LP
+# Virtual tap interface example
+.br
+#VIRTIFNAME[0]="tap0"
+.br
+#VIRTIFTYPE[0]="tap"
+.br
+#VIRTIFUSER[0]="root"
+.br
+#VIRTIFGROUP[0]="root"
+.br
+.SH EXAMPLE BRIDGE CREATION AND SETUP
+Note the added "BRNICS" variable which contains a space-separated list
+of the physical or virtual network interfaces you want to add to the bridge.
+Note that the array index can not be a duplicate of that defined for some
+other interface (e.g. eth0 will be index 0 by default).
+.LP
+IFNAME[0]="br0"
+.br
+BRNICS[0]="eth0 eth1 tun0"
+.br
+IPADDR[0]="192.168.0.1"
+.br
+NETMASK[0]="255.255.255.0"
+.br
+IPALIASES[0]=""
+.br
+USE_DHCP[0]=""
+.br
+DHCP_HOSTNAME[0]=""
+.br
 .SH GENERAL PARAMETERS
 This is a list of network parameters you can set for any card (wired as well
 as wired).  The example section is for `eth0' by default, i.e.
@@ -75,6 +117,12 @@ NETMASK[0]=""
 # With a static IP address, you are required to also set a netmask
 (255.255.255.0 is common)
 .TP
+IPALIASES[0]=""
+# Space separated list of additional IP addresses to bind to the 
+interface after initial configuration is complete. If USE_DHCP is
+set to `yes' then additional addresses will only be added if the
+dhcp client invocation is successful in obtaining a primary address.
+.TP
 USE_DHCP[0]="yes"
 # If set to "yes", we will run a DHCP client and have the IP address
 dynamically assigned
@@ -86,15 +134,16 @@ DHCP_TIMEOUT[0]=15
 # The default timeout for the DHCP client to wait for server response is
 30 seconds, but you might want a shorter wait.
 .TP
-IFNAME[0]="eth0:1"
-# Set up an IP alias.
+IFNAME[0]="usb0"
+# Use this to define configuration blocks for interfaces with non-standard
+names (this should be rare these days)
 .TP
 HWADDR[0]="00:01:23:45:67:89"
 # Overrule the card's hardware MAC address
 .TP
 MTU[0]=""
 # The default MTU is 1500, but you might need 1360 when you use NAT'ed
-IPSec traffic.
+IPSec traffic. IPv6 will likely require smaller MTUs as well
 .TP
 DHCP_KEEPRESOLV[0]="yes"
 # If you do
@@ -171,7 +220,7 @@ failed (defaults to 10 seconds)
 network configuration script
 .TP
 .I /etc/rc.d/rc.inet1.conf
-configuration parameter file (is being read by rc.inet1 andrc.wireless)
+configuration parameter file (is being read by rc.inet1 and rc.wireless)
 .TP
 .I /etc/rc.d/rc.wireless
 wireless configuration script
@@ -196,7 +245,9 @@ have to edit the file
 and change the value `6' in the line
 .B MAXNICS=${MAXNICS:-6}
 to the number of network interfaces you wish to use.
-.SH AUTHOR
+.SH AUTHORS
+Patrick J. Volkerding <volkerdi@slackware.com>
 Eric Hameleers <alien@slackware.com>
+Robby Workman <rworkman@slackware.com>
 .SH "SEE ALSO"
 .BR rc.inet1(8)
diff --git a/source/n/network-scripts/network-scripts.SlackBuild b/source/n/network-scripts/network-scripts.SlackBuild
index d19c60228..b484de1d0 100755
--- a/source/n/network-scripts/network-scripts.SlackBuild
+++ b/source/n/network-scripts/network-scripts.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,13 +20,21 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=network-scripts
-VERSION=${VERSION:-14.2}
+VERSION=${VERSION:-15.0}
 ARCH=noarch
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-7}
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 
@@ -56,6 +64,15 @@ cp -a $CWD/scripts/setup.netconfig $PKG/var/log/setup
 chown root:root $PKG/var/log/setup/setup.netconfig
 chmod 755 $PKG/var/log/setup/setup.netconfig
 
+# Apply patches until rworkman takes them up in git:
+( cd $PKG/sbin
+  zcat $CWD/0001-no_hostname_in_networkmanager_conf.diff.gz | patch -p1 --verbose || exit 1
+  zcat $CWD/0003-netconfig-typos-and-set-NM-default.diff.gz | patch -p1 --verbose || exit 1
+) || exit 1
+( cd $PKG/etc/rc.d
+  zcat $CWD/0002-set_broadcast_address_and_flush_ip_after_if_down.diff.gz | patch -p1 --verbose rc.inet1.new || exit 1
+) || exit 1
+
 # Add manpages:
 mkdir -p $PKG/usr/man/man{5,8}
 cat $CWD/manpages/rc.inet1.conf.5 | gzip -9c > $PKG/usr/man/man5/rc.inet1.conf.5.gz
diff --git a/source/n/network-scripts/scripts/netconfig b/source/n/network-scripts/scripts/netconfig
index 3bd483dea..51e88bd4c 100644
--- a/source/n/network-scripts/scripts/netconfig
+++ b/source/n/network-scripts/scripts/netconfig
@@ -40,24 +40,28 @@ fi
 # Config information for eth0:
 IPADDR[0]="$RCIPCOPY"
 NETMASK[0]="$RCMASKCOPY"
+IPALIASES[0]=""
 USE_DHCP[0]="$USE_DHCP"
 DHCP_HOSTNAME[0]="$DHCP_HOSTNAME"
 
 # Config information for eth1:
 IPADDR[1]=""
 NETMASK[1]=""
+IPALIASES[1]=""
 USE_DHCP[1]=""
 DHCP_HOSTNAME[1]=""
 
 # Config information for eth2:
 IPADDR[2]=""
 NETMASK[2]=""
+IPALIASES[2]=""
 USE_DHCP[2]=""
 DHCP_HOSTNAME[2]=""
 
 # Config information for eth3:
 IPADDR[3]=""
 NETMASK[3]=""
+IPALIASES[3]=""
 USE_DHCP[3]=""
 DHCP_HOSTNAME[3]=""
 
@@ -71,16 +75,36 @@ DEBUG_ETH_UP="no"
 
 # Example of how to configure a bridge:
 # Note the added "BRNICS" variable which contains a space-separated list
-# of the physical network interfaces you want to add to the bridge.
+# of the physical or virtual network interfaces you want to add to the bridge.
 #IFNAME[0]="br0"
 #BRNICS[0]="eth0"
 #IPADDR[0]="192.168.0.1"
 #NETMASK[0]="255.255.255.0"
+#IPALIASES[0]=""
 #USE_DHCP[0]=""
 #DHCP_HOSTNAME[0]=""
 
+# Virtual interfaces to create - these are created before any address
+# configuration or bridge setup is done, so you may use these interfaces
+# as IFNAME or BRNICS values. These can be tun or tap interfaces:
+# adjust VIRTIFNAME and VIRTIFTYPE accordingly.
+# Starting with VIRTIFNAME[0] is mandatory, and each next one must be
+# incremented by one, so VIRTIFNAME[1], VIRTIFNAME[2], and so on.
+#
+# Virtual tap interface example
+#VIRTIFNAME[0]="tap0"
+#VIRTIFTYPE[0]="tap"
+#VIRTIFUSER[0]="root"
+#VIRTIFGROUP[0]="root"
+#
+# Virtual tun interface example
+#VIRTIFNAME[1]="tun0"
+#VIRTIFTYPE[1]="tun"
+#VIRTIFUSER[1]="someuser"
+#VIRTIFGROUP[1]="somegroup"
+
 ## Example config information for wlan0.  Uncomment the lines you need and fill
-## in your info.  (You may not need all of these for your wireless network)
+## in your data.  (You may not need all of these for your wireless network)
 #IFNAME[4]="wlan0"
 #IPADDR[4]=""
 #NETMASK[4]=""
@@ -90,38 +114,55 @@ DEBUG_ETH_UP="no"
 #DHCP_KEEPNTP[4]="yes"
 #DHCP_KEEPGW[4]="yes"
 #DHCP_IPADDR[4]=""
-#WLAN_ESSID[4]=BARRIER05
+#WLAN_ESSID[4]=DARKSTAR
 #WLAN_MODE[4]=Managed
-##WLAN_RATE[4]="54M auto"
-##WLAN_CHANNEL[4]="auto"
-##WLAN_KEY[4]="D5AD1F04ACF048EC2D0B1C80C7"
-##WLAN_IWPRIV[4]="set AuthMode=WPAPSK | set EncrypType=TKIP | set WPAPSK=96389dc66eaf7e6efd5b5523ae43c7925ff4df2f8b7099495192d44a774fda16"
+#WLAN_RATE[4]="54M auto"
+#WLAN_CHANNEL[4]="auto"
+#WLAN_KEY[4]="D5A31F54ACF0487C2D0B1C10D2"
+#WLAN_IWPRIV[4]="set AuthMode=WPAPSK | set EncrypType=TKIP | set WPAPSK=96389dc66eaf7e6efd5b5523ae43c7925ff4df2f8b7099495192d44a774fda16"
 #WLAN_WPA[4]="wpa_supplicant"
-#WLAN_WPADRIVER[4]="ndiswrapper"
+#WLAN_WPADRIVER[4]="wext"
+#WLAN_WPAWAIT[4]=30
 
 ## Some examples of additional network parameters that you can use.
 ## Config information for wlan0:
 #IFNAME[4]="wlan0"              # Use a different interface name instead of
                                 # the default 'eth4'
+#IFNAME[4]="eth0:1"             # Set up an IP alias.
 #HWADDR[4]="00:01:23:45:67:89"  # Overrule the card's hardware MAC address
 #MTU[4]=""                      # The default MTU is 1500, but you might need
                                 # 1360 when you use NAT'ed IPSec traffic.
+#DHCP_TIMEOUT[4]=15             # The default timeout for the DHCP client to
+                                # wait for server resonse is 15 seconds, but
+                                # you might want a shorter or longer wait.
 #DHCP_KEEPRESOLV[4]="yes"       # If you don't want /etc/resolv.conf overwritten
 #DHCP_KEEPNTP[4]="yes"          # If you don't want ntp.conf overwritten
 #DHCP_KEEPGW[4]="yes"           # If you don't want the DHCP server to change
                                 # your default gateway
 #DHCP_IPADDR[4]=""              # Request a specific IP address from the DHCP
                                 # server
-#WLAN_ESSID[4]=DARKSTAR         # Here, you can override _any_ parameter
-                                # defined in rc.wireless.conf, by prepending
-                                # 'WLAN_' to the parameter's name. Useful for
-                                # those with multiple wireless interfaces.
+#DHCP_DEBUG[4]="yes"            # Make dhcpcd show verbose diagnostics
+#DHCP_NOIPV4LL[4]="yes"         # Do not assign an ipv4ll address when a DHCP
+                                # server is not found (ipv4ll link-local
+                                # adresses in the IP range 169.254.0.0/16 are
+                                # also known as "zeroconf" addresses)
+#WLAN_ESSID[4]=DARKSTAR         # An example of how you can override _any_
+                                # parameter defined in rc.wireless.conf, by
+                                # prepending 'WLAN_' to the parameter's name.
+                                # Useful with multiple wireless interfaces.
 #WLAN_IWPRIV[4]="set AuthMode=WPAPSK | set EncrypType=TKIP | set WPAPSK=thekey"
                                 # Some drivers require a private ioctl to be
                                 # set through the iwpriv command. If more than
                                 # one is required, you can place them in the
                                 # IWPRIV parameter (separated with the pipe (|)
                                 # character, see the example).
+#WLAN_WPA[4]="wpa_supplicant"   # Run wpa_supplicant for WPA support
+#WLAN_WPADRIVER[4]="ndiswrapper"# Tell wpa_supplicant to specifically use the
+                                # ndiswrapper driver (if you leave this empty
+                                # the 'wext' driver is used by default)
+#WLAN_WPAWAIT[4]=30             # In case it takes long for the WPA association
+                                # to finish, you can increase the wait time
+                                # (defaults to 10 seconds)
 ENDFILE
 #
 ############################################################################
diff --git a/source/n/network-scripts/scripts/rc.inet1 b/source/n/network-scripts/scripts/rc.inet1
index f2d85a6d0..2f566ef89 100644
--- a/source/n/network-scripts/scripts/rc.inet1
+++ b/source/n/network-scripts/scripts/rc.inet1
@@ -16,12 +16,19 @@
 ###########
 
 # If possible, log events in /var/log/messages:
-if [ -f /var/run/syslogd.pid -a -x /usr/bin/logger ]; then
+if [ -f /var/run/syslogd.pid ] && [ -x /usr/bin/logger ]; then
   LOGGER=/usr/bin/logger
 else # output to stdout/stderr:
   LOGGER=/bin/cat
 fi
 
+# Handy wrapper for verbose logging
+debug_log() {
+  if [ "$DEBUG_ETH_UP" = "yes" ]; then
+    echo "/etc/rc.d/rc.inet1:  $*" | $LOGGER
+  fi
+}
+
 ############################
 # DETERMINE INTERFACE LIST #
 ############################
@@ -39,9 +46,7 @@ do
   IFNAME[$i]=${IFNAME[$i]:=eth${i}}
   i=$(($i+1))
 done
-if [ "$DEBUG_ETH_UP" = "yes" ]; then
-  echo "/etc/rc.d/rc.inet1:  List of interfaces: '${IFNAME[@]}'" | $LOGGER
-fi
+debug_log "List of interfaces: '${IFNAME[*]}'"
 
 ######################
 # LOOPBACK FUNCTIONS #
@@ -50,21 +55,22 @@ fi
 # Function to bring up the loopback interface.  If loopback is
 # already up, do nothing.
 lo_up() {
-  if grep lo: /proc/net/dev 1> /dev/null ; then
-    if ! /sbin/ifconfig | grep "^lo" 1> /dev/null ; then
-      echo "/etc/rc.d/rc.inet1:  /sbin/ifconfig lo 127.0.0.1" | $LOGGER
-      /sbin/ifconfig lo 127.0.0.1
-      echo "/etc/rc.d/rc.inet1:  /sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo" | $LOGGER
-      /sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo
+  if [ -e /sys/class/net/lo ]; then
+    if ! /sbin/ip link show dev lo | grep -wq -e "state UP" -e "state UNKNOWN" ; then
+      echo "/etc/rc.d/rc.inet1:  /sbin/ip address add 127.0.0.1/8 dev lo" | $LOGGER
+      /sbin/ip address add 127.0.0.1/8 dev lo
+      /sbin/ip link set dev lo up
+      echo "/etc/rc.d/rc.inet1:  /sbin/ip route add 127.0.0.0/8 dev lo" | $LOGGER
+      /sbin/ip route add 127.0.0.0/8 dev lo 
     fi
   fi
 }
 
 # Function to take down the loopback interface:
 lo_down() {
-  if grep lo: /proc/net/dev 1> /dev/null ; then
-    echo "/etc/rc.d/rc.inet1:  /sbin/ifconfig lo down" | $LOGGER
-    /sbin/ifconfig lo down
+  if [ -e /sys/class/net/lo ]; then
+    echo "/etc/rc.d/rc.inet1:  /sbin/ip link set dev lo down" | $LOGGER
+    /sbin/ip link set dev lo down
   fi
 }
 
@@ -72,27 +78,48 @@ lo_down() {
 # INTERFACE FUNCTIONS #
 #######################
 
+# Function to create virtual interfaces
+virtif_create() {
+  # argument is 'i' - the position of this interface in the VIRTIFNAME array.
+  # this loop goes from i=0 to i=number_of_configured_virtual_interfaces_minus_one
+  # which means it doesn't do anything if there are none.
+  for i in $(seq 0 $((${#VIRTIFNAME[@]} - 1))); do
+    /sbin/ip tuntap add dev ${VIRTIFNAME[$i]} mode ${VIRTIFTYPE[$i]} user ${VIRTIFUSER[$i]} group ${VIRTIFGROUP[$i]}
+  done
+}
+
+# Function to destory virtual interfaces
+virtif_destroy() {
+  # argument is 'i' - the position of this interface in the VIRTIFNAME array.
+  for i in $(seq 0 $((${#VIRTIFNAME[@]} - 1))); do
+    /sbin/ip tuntap del dev ${VIRTIFNAME[$i]} mode ${VIRTIFTYPE[$i]}
+  done
+}
+
 # Function to assemble a bridge interface.
 br_open() {
   # argument is 'i' - the position of this interface in the IFNAME array.
-  /sbin/brctl addbr ${IFNAME[$1]}
-  for BRIF in $(echo ${BRNICS[$1]}); do
-    /sbin/ifconfig $BRIF down
-    /sbin/ifconfig $BRIF 0.0.0.0 promisc up
-    /sbin/brctl addif ${IFNAME[$1]} $BRIF
+  /sbin/ip link add name ${IFNAME[$1]} type bridge
+  for BRIF in ${BRNICS[$1]}; do
+    /sbin/ip link set dev $BRIF down
+    /sbin/ip address add 0.0.0.0 dev $BRIF
+    /sbin/ip link set dev $BRIF master ${IFNAME[$1]}
+    /sbin/ip link set dev $BRIF up
   done
+  /sbin/ip link set dev ${IFNAME[$1]} up
 }
 
 # Function to disassemble a bridge interface.
 br_close() {
+  /sbin/ip link set dev ${IFNAME[$1]} down
   # argument is 'i' - the position of this interface in the IFNAME array.
-  #for BRIF in $(echo ${BRNICS[$1]}); do
+  #for BRIF in ${BRNICS[$1]}; do
   for BRIF in $(ls --indicator-style=none /sys/class/net/${IFNAME[$1]}/brif/)
   do
-    /sbin/brctl delif ${IFNAME[$1]} $BRIF
+    /sbin/ip link set dev $BRIF nomaster
   done
-  /sbin/ifconfig ${IFNAME[$1]} down
-  /sbin/brctl delbr ${IFNAME[$1]}
+  /sbin/ip link set dev ${IFNAME[$1]} down
+  /sbin/ip link del ${IFNAME[$1]}
 }
 
 # Function to bring up a network interface.  If the interface is
@@ -105,26 +132,41 @@ if_up() {
     [ "${IFNAME[$i]}" = "${1}" ] && break
     i=$(($i+1))
   done
+  # If "i" is greater or equal to "MAXNICS" at this point, it means we didn't
+  # find an entry in IFNAME array corresponding to "$1", which likely means
+  # there are more interfaces configured than MAXNICS. Let's err on the
+  # side of caution and do nothing instead of possibly doing the wrong thing.
+  if [ $i -ge $MAXNICS ]; then
+    echo "/etc/rc.d/rc.inet1:  skipping ${1}, you might need to increase MAXNICS" | $LOGGER
+    return
+  fi
   # If the interface is a bridge, then create it first:
   [ -n "${BRNICS[$i]}" ] && br_open $i
   # If the interface isn't in the kernel yet (but there's an alias for it in
   # modules.conf), then it should be loaded first:
-  if ! grep `echo ${1}: | cut -f 1 -d :`: /proc/net/dev 1> /dev/null ; then # no interface yet
+  if [ -z "${IPADDR[$i]}" ] && [ "${USE_DHCP[$i]}" != "yes" ]; then # skip unconfigured interfaces
+    debug_log "skipping ${1} early, interface is not configured in /etc/rc.d/rc.inet1.conf"
+    return 0
+  fi
+  if [ ! -e /sys/class/net/${1%%:*} ]; then # no interface yet
     if /sbin/modprobe -c | grep -v "^#" | grep -w "alias ${1}" | grep -vw "alias ${1} off" > /dev/null ; then
       echo "/etc/rc.d/rc.inet1:  /sbin/modprobe ${1}" | $LOGGER
       /sbin/modprobe ${1}
     fi
   fi
-  if grep `echo ${1}: | cut -f 1 -d :`: /proc/net/dev 1> /dev/null ; then # interface exists
-    if ! /sbin/ifconfig | grep -w "${1}" 1>/dev/null || \
-      ! /sbin/ifconfig ${1} | grep -w inet 1> /dev/null ; then # interface not up or not configured
-      if [ ! "${HWADDR[$i]}" = "" ]; then # Set hardware address _before_ the interface goes up:
-        echo "/etc/rc.d/rc.inet1:  /sbin/ifconfig ${1} hw ether ${HWADDR[$i]}" | $LOGGER
-        /sbin/ifconfig ${1} hw ether ${HWADDR[$i]}
+  if [ -e /sys/class/net/${1%%:*} ]; then # interface exists
+    if ! /sbin/ip address show dev ${1} 2>/dev/null | grep -wq inet || \
+      ! /sbin/ip link show dev ${1} | grep -wq "state UP" ; then # interface not up or not configured
+      if [ -n "${HWADDR[$i]}" ]; then # Set hardware address _before_ the interface goes up:
+        echo "/etc/rc.d/rc.inet1:  /sbin/ip link set dev ${1} address ${HWADDR[$i]}" | $LOGGER
+        /sbin/ip link set dev ${1} address ${HWADDR[$i]}
+      fi
+      if [ -n "${MTU[$i]}" ]; then # Set MTU to something else than 1500
+        echo "/etc/rc.d/rc.inet1:  /sbin/ip link set dev ${1} mtu ${MTU[$i]}" | $LOGGER
+        /sbin/ip link set dev ${1} mtu ${MTU[$i]}
       fi
-      if [ ! "${MTU[$i]}" = "" ]; then # Set MTU to something else than 1500
-        echo "/etc/rc.d/rc.inet1:  /sbin/ifconfig ${1} mtu ${MTU[$i]}" | $LOGGER
-        /sbin/ifconfig ${1} mtu ${MTU[$i]}
+      if /sbin/ip link show dev ${1} | grep -wq "state DOWN" ; then
+        /sbin/ip link set dev ${1} up  # Bring up interface
       fi
       if [ -x /etc/rc.d/rc.wireless ]; then
         . /etc/rc.d/rc.wireless ${1} start # Initialize any wireless parameters
@@ -133,13 +175,13 @@ if_up() {
         # Clear DHCP_OPTIONS before adding new options to it:
         unset DHCP_OPTIONS
         # Set DHCP_OPTIONS for this interface:
-        [ ${DHCP_HOSTNAME[$i]} ] && DHCP_OPTIONS="-h ${DHCP_HOSTNAME[$i]}"
+        [ -n "${DHCP_HOSTNAME[$i]}" ] && DHCP_OPTIONS="-h ${DHCP_HOSTNAME[$i]}"
         [ "${DHCP_KEEPRESOLV[$i]}" = "yes" ] && DHCP_OPTIONS="$DHCP_OPTIONS -C resolv.conf"
         [ "${DHCP_KEEPNTP[$i]}" = "yes" ] && DHCP_OPTIONS="$DHCP_OPTIONS -C ntp.conf"
         [ "${DHCP_KEEPGW[$i]}" = "yes" ] && DHCP_OPTIONS="$DHCP_OPTIONS -G"
         [ "${DHCP_DEBUG[$i]}" = "yes" ] && DHCP_OPTIONS="$DHCP_OPTIONS -d"
         [ "${DHCP_NOIPV4LL[$i]}" = "yes" ] && DHCP_OPTIONS="$DHCP_OPTIONS -L"
-        [ ${DHCP_IPADDR[$i]} ] && DHCP_OPTIONS="$DHCP_OPTIONS -r ${DHCP_IPADDR[$i]}"
+        [ -n "${DHCP_IPADDR[$i]}" ] && DHCP_OPTIONS="$DHCP_OPTIONS -r ${DHCP_IPADDR[$i]}"
         echo "Polling for DHCP server on interface ${1}:"
         # If you set a timeout, you get one, even if the kernel doesn't think that
         # your device is connected, in case /sys isn't right (which it usually isn't
@@ -147,43 +189,54 @@ if_up() {
         #### (start commented out)
         # This is deactivated for now since the kernel has been returning incorrect
         # results concerning whether the interface carrier is detected.
-        #if [ "${DHCP_TIMEOUT[$i]}" = "" ]; then
-        #  ifconfig ${1} up && sleep 1
+        #if [ -z "${DHCP_TIMEOUT[$i]}" ]; then
+        #  /sbin/ip link set dev ${1} up && sleep 1
         #  CONNSTATUS="$(cat /sys/class/net/${1}/carrier 2> /dev/null)"
-        #  ifconfig ${1} down
+        #  /sbin/ip link set dev ${1} down
         #  if [ "$CONNSTATUS" = "0" ]; then
         #    # The kernel has just told us the cable isn't even plugged in, but we will
         #    # give any DHCP server a short chance to reply anyway:
-        #    echo "No carrier detected on ${1}.  Reducing DHCP timeout to 10 seconds."
-        #    DHCP_TIMEOUT[$i]=10
+        #    echo "No carrier detected on ${1}.  Reducing DHCP timeout to 15 seconds."
+        #    DHCP_TIMEOUT[$i]=15
         #  fi
         #fi
         #### (end commented out)
-        # 10 seconds should be a reasonable default DHCP timeout.  30 was too much.
-        echo "/etc/rc.d/rc.inet1:  /sbin/dhcpcd -t ${DHCP_TIMEOUT[$i]:-10} ${DHCP_OPTIONS} ${1}" | $LOGGER
-        /sbin/dhcpcd -t ${DHCP_TIMEOUT[$i]:-10} ${DHCP_OPTIONS} ${1}
+        # 15 seconds should be a reasonable default DHCP timeout.  30 was too much.
+        echo "/etc/rc.d/rc.inet1:  /sbin/dhcpcd -L -t ${DHCP_TIMEOUT[$i]:-15} ${DHCP_OPTIONS} ${1}" | $LOGGER
+        /sbin/dhcpcd -L -t ${DHCP_TIMEOUT[$i]:-15} ${DHCP_OPTIONS} ${1}
+        # If the dhcpcd call succeeds, add extra IP addresses, if defined, to interface
+        if [ "$?" == "0" ] && [ -n "${IPALIASES[$i]}" ]; then
+          num=0
+          for ipalias in ${IPALIASES[$i]}; do
+            /sbin/ip address add ${ipalias}/32 dev ${1} label ${1}:${num} ;
+            num=$(($num + 1))
+          done
+        fi
       else # bring up interface using a static IP address
-        if [ ! "${IPADDR[$i]}" = "" ]; then # skip unconfigured interfaces
-          # Determine broadcast address from the IP address and netmask:
-          BROADCAST[$i]=`/bin/ipmask ${NETMASK[$i]} ${IPADDR[$i]}|cut -f1 -d' '`
+        if [ -n "${IPADDR[$i]}" ]; then # skip unconfigured interfaces
           # Set up the network card:
-          echo "/etc/rc.d/rc.inet1:  /sbin/ifconfig ${1} ${IPADDR[$i]} broadcast ${BROADCAST[$i]} netmask ${NETMASK[$i]}" | $LOGGER
-          /sbin/ifconfig ${1} ${IPADDR[$i]} broadcast ${BROADCAST[$i]} netmask ${NETMASK[$i]}
-        else
-          if [ "$DEBUG_ETH_UP" = "yes" ]; then
-            echo "/etc/rc.d/rc.inet1:  ${1} interface is not configured in /etc/rc.d/rc.inet1.conf" | $LOGGER
+          echo "/etc/rc.d/rc.inet1:  /sbin/ip address add ${IPADDR[$i]}/${NETMASK[$i]} dev ${1}" | $LOGGER
+          /sbin/ip address add ${IPADDR[$i]}/${NETMASK[$i]} dev ${1}
+          if /sbin/ip link show dev ${1} | grep -wq "state DOWN" ; then
+            /sbin/ip link set dev ${1} up  # Bring up interface
           fi
+          # Add extra IP addresses, if defined, to interface
+          if [ -n "${IPALIASES[$i]}" ]; then
+            num=0
+            for ipalias in ${IPALIASES[$i]}; do
+              /sbin/ip address add ${ipalias}/32 dev ${1} label ${1}:${num} ;
+              num=$(($num + 1))
+            done
+          fi
+        else
+          debug_log "${1} interface is not configured in /etc/rc.d/rc.inet1.conf"
         fi
       fi
     else
-      if [ "$DEBUG_ETH_UP" = "yes" ]; then
-        echo "/etc/rc.d/rc.inet1:  ${1} is already up, skipping" | $LOGGER
-      fi
+      debug_log "${1} is already up, skipping"
     fi 
   else
-    if [ "$DEBUG_ETH_UP" = "yes" ]; then
-      echo "/etc/rc.d/rc.inet1:  ${1} interface does not exist (yet)" | $LOGGER
-    fi
+    debug_log "${1} interface does not exist (yet)"
   fi
 }
 
@@ -195,14 +248,18 @@ if_down() {
     [ "${IFNAME[$i]}" = "${1}" ] && break
     i=$(($i+1))
   done
-  if grep `echo ${1}: | cut -f 1 -d :`: /proc/net/dev 1> /dev/null ; then
+  if [ $i -ge $MAXNICS ]; then
+    echo "/etc/rc.d/rc.inet1:  skipping ${1}, you might need to increase MAXNICS" | $LOGGER
+    return
+  fi
+  if [ -e /sys/class/net/${1%%:*} ]; then
     if [ "${USE_DHCP[$i]}" = "yes" ]; then
       echo "/etc/rc.d/rc.inet1:  /sbin/dhcpcd -k -d ${1}" | $LOGGER
-      /sbin/dhcpcd -k -d ${1} 2> /dev/null || /sbin/ifconfig ${1} down
+      /sbin/dhcpcd -k -d ${1} 2> /dev/null || /sbin/ip link set dev ${1} down
       sleep 1
     else
-      echo "/etc/rc.d/rc.inet1:  /sbin/ifconfig ${1} down" | $LOGGER
-      /sbin/ifconfig ${1} down
+      echo "/etc/rc.d/rc.inet1:  /sbin/ip link set dev ${1} down" | $LOGGER
+      /sbin/ip link set dev ${1} down
     fi
     if [ -x /etc/rc.d/rc.wireless ]; then
       . /etc/rc.d/rc.wireless ${1} stop # Kill wireless daemons if any.
@@ -220,26 +277,27 @@ if_down() {
 
 # Function to bring up the gateway if there is not yet a default route:
 gateway_up() {
-  if ! /sbin/route -n | grep "^0.0.0.0" 1> /dev/null ; then
-    if [ ! "$GATEWAY" = "" ]; then
-      echo "/etc/rc.d/rc.inet1:  /sbin/route add default gw ${GATEWAY} metric 1" | $LOGGER
-      /sbin/route add default gw ${GATEWAY} metric 1 2>&1 | $LOGGER
+  if ! /sbin/ip route show | grep -wq default ; then
+    if [ -n "$GATEWAY" ]; then
+      echo "/etc/rc.d/rc.inet1:  /sbin/ip route add default via ${GATEWAY}" | $LOGGER
+      /sbin/ip route add default via ${GATEWAY} | $LOGGER
     fi
   fi
 }
 
 # Function to take down an existing default gateway:
 gateway_down() {
-  if /sbin/route -n | grep "^0.0.0.0" 1> /dev/null ; then
-    echo "/etc/rc.d/rc.inet1:  /sbin/route del default" | $LOGGER
-    /sbin/route del default
+  if /sbin/ip route show | grep -wq default ; then
+    echo "/etc/rc.d/rc.inet1:  /sbin/ip route del default" | $LOGGER
+    /sbin/ip route del default
   fi
 }
 
 # Function to start the network:
 start() {
   lo_up
-  for i in ${IFNAME[@]} ; do
+  virtif_create
+  for i in "${IFNAME[@]}" ; do
     if_up $i
   done
   gateway_up
@@ -248,9 +306,10 @@ start() {
 # Function to stop the network:
 stop() {
   gateway_down
-  for i in ${IFNAME[@]} ; do
+  for i in "${IFNAME[@]}" ; do
     if_down $i
   done
+  virtif_destroy
   lo_down
 }
 
@@ -260,59 +319,38 @@ stop() {
 ############
 
 case "$1" in
-'start') # "start" brings up all configured interfaces:
+start|up) # "start" (or "up") brings up all configured interfaces:
   start
   ;;
-'stop') # "stop" takes down all configured interfaces:
+stop|down) # "stop" (or "down") takes down all configured interfaces:
   stop
   ;;
-'restart') # "restart" restarts the network:
+restart) # "restart" restarts the network:
   stop
   start
   ;;
-'lo_start') # Start the loopback interface:
+lo_start|lo_up) # Start the loopback interface:
   lo_up
   ;;
-*_start) # Example: "eth1_start" will start the specified interface 'eth1'
-  INTERFACE=`echo $1 | /bin/cut -d '_' -f 1`
+lo_stop|lo_down) # Stop the loopback interface:
+  lo_down
+  ;;
+*_start|*_up) # Example: "eth1_start" (or "eth1_up") will start the specified interface 'eth1'
+  INTERFACE=$(echo $1 | /bin/cut -d '_' -f 1)
   if_up $INTERFACE
   gateway_up
   ;;
-'lo_stop') # Stop the loopback interface:
-  lo_down
-  ;;
-*_stop) # Example: "eth0_stop" will stop the specified interface 'eth0'
-  INTERFACE=`echo $1 | /bin/cut -d '_' -f 1`
+*_stop|*_down) # Example: "eth0_stop" (or "eth0_down") will stop the specified interface 'eth0'
+  INTERFACE=$(echo $1 | /bin/cut -d '_' -f 1)
   if_down $INTERFACE
   ;;
 *_restart) # Example: "wlan0_restart" will take 'wlan0' down and up again
-  INTERFACE=`echo $1 | /bin/cut -d '_' -f 1`
+  INTERFACE=$(echo $1 | /bin/cut -d '_' -f 1)
   if_down $INTERFACE
   sleep 1
   if_up $INTERFACE
   gateway_up
   ;;
-'up') # "up" does the same thing as "start"
-  start
-  ;;
-'down') # "down" does the same thing as "stop"
-  stop
-  ;;
-'lo_up') # Start the loopback interface:
-  lo_up
-  ;;
-*_up) # "*_up" does the same thing as "*_start"
-  INTERFACE=`echo $1 | /bin/cut -d '_' -f 1`
-  if_up $INTERFACE
-  gateway_up
-  ;;
-'lo_down') # Stop the loopback interface:
-  lo_down
-  ;;
-*_down) # "*_down" does the same thing as "*_stop"
-  INTERFACE=`echo $1 | /bin/cut -d '_' -f 1`
-  if_down $INTERFACE
-  ;;
 *) # The default is to bring up all configured interfaces:
   start
 esac
diff --git a/source/n/network-scripts/scripts/rc.inet1.conf b/source/n/network-scripts/scripts/rc.inet1.conf
index 85a8041ba..58766d259 100644
--- a/source/n/network-scripts/scripts/rc.inet1.conf
+++ b/source/n/network-scripts/scripts/rc.inet1.conf
@@ -16,24 +16,28 @@
 # Config information for eth0:
 IPADDR[0]=""
 NETMASK[0]=""
+IPALIASES[0]=""
 USE_DHCP[0]=""
 DHCP_HOSTNAME[0]=""
 
 # Config information for eth1:
 IPADDR[1]=""
 NETMASK[1]=""
+IPALIASES[1]=""
 USE_DHCP[1]=""
 DHCP_HOSTNAME[1]=""
 
 # Config information for eth2:
 IPADDR[2]=""
 NETMASK[2]=""
+IPALIASES[2]=""
 USE_DHCP[2]=""
 DHCP_HOSTNAME[2]=""
 
 # Config information for eth3:
 IPADDR[3]=""
 NETMASK[3]=""
+IPALIASES[3]=""
 USE_DHCP[3]=""
 DHCP_HOSTNAME[3]=""
 
@@ -47,14 +51,34 @@ DEBUG_ETH_UP="no"
 
 # Example of how to configure a bridge:
 # Note the added "BRNICS" variable which contains a space-separated list
-# of the physical network interfaces you want to add to the bridge.
+# of the physical or virtual network interfaces you want to add to the bridge.
 #IFNAME[0]="br0"
 #BRNICS[0]="eth0"
 #IPADDR[0]="192.168.0.1"
 #NETMASK[0]="255.255.255.0"
+#IPALIASES[0]=""
 #USE_DHCP[0]=""
 #DHCP_HOSTNAME[0]=""
 
+# Virtual interfaces to create - these are created before any address
+# configuration or bridge setup is done, so you may use these interfaces
+# as IFNAME or BRNICS values. These can be tun or tap interfaces:
+# adjust VIRTIFNAME and VIRTIFTYPE accordingly.
+# Starting with VIRTIFNAME[0] is mandatory, and each next one must be
+# incremented by one, so VIRTIFNAME[1], VIRTIFNAME[2], and so on.
+#
+# Virtual tap interface example
+#VIRTIFNAME[0]="tap0"
+#VIRTIFTYPE[0]="tap"
+#VIRTIFUSER[0]="root"
+#VIRTIFGROUP[0]="root"
+#
+# Virtual tun interface example
+#VIRTIFNAME[1]="tun0"
+#VIRTIFTYPE[1]="tun"
+#VIRTIFUSER[1]="someuser"
+#VIRTIFGROUP[1]="somegroup"
+
 ## Example config information for wlan0.  Uncomment the lines you need and fill
 ## in your data.  (You may not need all of these for your wireless network)
 #IFNAME[4]="wlan0"
@@ -85,7 +109,7 @@ DEBUG_ETH_UP="no"
 #MTU[4]=""                      # The default MTU is 1500, but you might need
                                 # 1360 when you use NAT'ed IPSec traffic.
 #DHCP_TIMEOUT[4]=15             # The default timeout for the DHCP client to
-                                # wait for server resonse is 10 seconds, but
+                                # wait for server resonse is 15 seconds, but
                                 # you might want a shorter or longer wait.
 #DHCP_KEEPRESOLV[4]="yes"       # If you don't want /etc/resolv.conf overwritten
 #DHCP_KEEPNTP[4]="yes"          # If you don't want ntp.conf overwritten
diff --git a/source/n/network-scripts/scripts/rc.inet2 b/source/n/network-scripts/scripts/rc.inet2
index 4f51a330c..300ede3ee 100644
--- a/source/n/network-scripts/scripts/rc.inet2
+++ b/source/n/network-scripts/scripts/rc.inet2
@@ -101,6 +101,11 @@ if [ -x /etc/rc.d/rc.yp ]; then
   /etc/rc.d/rc.yp start
 fi
 
+# Start OpenVPN:
+if [ -x /etc/rc.d/rc.openvpn ]; then
+  /etc/rc.d/rc.openvpn start
+fi
+
 # Start the NFS server.  Note that for this to work correctly, you'll
 # need nfsd support in the kernel (the startup script will try to load
 # the module for you).
diff --git a/source/n/network-scripts/slack-desc b/source/n/network-scripts/slack-desc
index f30ebbf9e..981b43606 100644
--- a/source/n/network-scripts/slack-desc
+++ b/source/n/network-scripts/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
                |-----handy-ruler------------------------------------------------------|
 network-scripts: network-scripts (Scripts to configure a network)
 network-scripts:
 network-scripts: These are the basic scripts and files used to define a network and
-network-scripts: configure network interfaces on Linux.  Most of the original
+network-scripts: configure network interfaces on Linux. Most of the original
 network-scripts: /etc files were written by Fred N. van Kempen, or borrowed from BSD.
 network-scripts: The rc.inet1 and rc.inet2 scripts were mostly written by Patrick
 network-scripts: Volkerding, with suggestions and fixes from hundreds of contributors
diff --git a/source/n/netwrite/netwrite.SlackBuild b/source/n/netwrite/netwrite.SlackBuild
index c667d3aa3..4027e4528 100755
--- a/source/n/netwrite/netwrite.SlackBuild
+++ b/source/n/netwrite/netwrite.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,23 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=netwrite
 VERSION=0.17
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-netwrite
 
diff --git a/source/n/netwrite/slack-desc b/source/n/netwrite/slack-desc
index 3ea62c0f0..1a011c64f 100644
--- a/source/n/netwrite/slack-desc
+++ b/source/n/netwrite/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
@@ -10,9 +10,9 @@ netwrite: netwrite (in.writed daemon for accepting network "write")
 netwrite:
 netwrite: Writed implements a very simple protocol that allows a write(1)
 netwrite: program on one host to connect up to one on another host, allowing
-netwrite: communications across the network.  Writed is meant to be run from
-netwrite: inetd(8) listening for TCP requests on port 811.  No attempt is made
-netwrite: to determine the authenticity of users sending messages.  This
+netwrite: communications across the network. Writed is meant to be run from
+netwrite: inetd(8) listening for TCP requests on port 811. No attempt is made
+netwrite: to determine the authenticity of users sending messages. This
 netwrite: program should probably not be deployed on insecure networks.
 netwrite:
 netwrite:
diff --git a/source/n/newspost/newspost.SlackBuild b/source/n/newspost/newspost.SlackBuild
index cd01269a6..129801399 100755
--- a/source/n/newspost/newspost.SlackBuild
+++ b/source/n/newspost/newspost.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,22 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=newspost
 VERSION=2.1.1
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-newspost
 
@@ -53,6 +63,8 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+zcat $CWD/newspost.getline.diff.gz | patch -p1 --verbose || exit 1
+
 make $NUMJOBS || make || exit 1
 
 mkdir -p $PKG/usr/bin
diff --git a/source/n/newspost/newspost.getline.diff b/source/n/newspost/newspost.getline.diff
new file mode 100644
index 000000000..f85492874
--- /dev/null
+++ b/source/n/newspost/newspost.getline.diff
@@ -0,0 +1,57 @@
+diff -u -r newspost-2.1.1.orig/base/newspost.c newspost-2.1.1/base/newspost.c
+--- newspost-2.1.1.orig/base/newspost.c	2003-04-23 10:33:23.000000000 -0500
++++ newspost-2.1.1/base/newspost.c	2018-02-02 16:14:51.133929233 -0600
+@@ -342,7 +342,7 @@
+ 	file = fopen(filename, "r");
+ 	if (file != NULL) {
+ 		while (!feof(file)) {
+-			line = getline(line, file);
++			line = newspost_getline(line, file);
+ 			if(line == NULL){
+ 				text_buffer = buff_add(text_buffer, "\r\n");
+ 				continue;
+diff -u -r newspost-2.1.1.orig/base/utils.c newspost-2.1.1/base/utils.c
+--- newspost-2.1.1.orig/base/utils.c	2003-04-23 10:33:23.000000000 -0500
++++ newspost-2.1.1/base/utils.c	2018-02-02 16:14:36.751929386 -0600
+@@ -43,7 +43,7 @@
+ 	return NULL;
+ }
+ 
+-Buff * getline(Buff *buff, FILE *file){
++Buff * newspost_getline(Buff *buff, FILE *file){
+ 	char c = fgetc(file);
+ 	buff = buff_free(buff);
+ 	while(TRUE){
+diff -u -r newspost-2.1.1.orig/base/utils.h newspost-2.1.1/base/utils.h
+--- newspost-2.1.1.orig/base/utils.h	2003-02-08 09:09:41.000000000 -0600
++++ newspost-2.1.1/base/utils.h	2018-02-02 16:15:07.069929063 -0600
+@@ -26,7 +26,7 @@
+ file_entry * file_entry_alloc();
+ file_entry * file_entry_free(file_entry *fe);
+ 
+-Buff * getline(Buff *buff, FILE *file);
++Buff * newspost_getline(Buff *buff, FILE *file);
+ Buff *buff_add(Buff *buff, char *data, ... );
+ Buff * buff_free(Buff *buff);
+ Buff *buff_create(Buff *buff, char *data, ... );
+diff -u -r newspost-2.1.1.orig/ui/options.c newspost-2.1.1/ui/options.c
+--- newspost-2.1.1.orig/ui/options.c	2003-04-23 10:33:33.000000000 -0500
++++ newspost-2.1.1/ui/options.c	2018-02-02 16:16:53.144927936 -0600
+@@ -332,7 +332,7 @@
+ 		file = fopen(filename->data, "r");
+ 		if (file != NULL) {
+ 			while (!feof(file)) {
+-				line = getline(line, file);
++				line = newspost_getline(line, file);
+ 				linenum++;
+ 				if(line == NULL) continue;
+ 
+@@ -429,7 +429,7 @@
+ 				linenum = 0;
+ 				while (linenum < 8) {
+ 					linenum++;
+-					line = getline(line, file);
++					line = newspost_getline(line, file);
+ 					if(line == NULL) continue;
+ 
+ 					switch (linenum) {
diff --git a/source/n/newspost/slack-desc b/source/n/newspost/slack-desc
index b9edc7a46..39781564b 100644
--- a/source/n/newspost/slack-desc
+++ b/source/n/newspost/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 newspost: newspost (binary posting utility)
 newspost:
-newspost: Newspost is a usenet binary autoposter.  It will uuencode or yencode
-newspost: files and post them to usenet newsgroups.  In addition, it can
+newspost: Newspost is a usenet binary autoposter. It will uuencode or yencode
+newspost: files and post them to usenet newsgroups. In addition, it can
 newspost: automatically generate and post .SFV checksum files and .PAR parity
 newspost: files.
 newspost:
 newspost: Newspost was mostly  written by Jim Faulkner, with some help from
-newspost: William McBrine.  Portions borrowed from cksfv by Bryan Call, and
+newspost: William McBrine. Portions borrowed from cksfv by Bryan Call, and
 newspost: parchive by Willem Monsuwe.
 newspost:
diff --git a/source/n/nfacct/nfacct.SlackBuild b/source/n/nfacct/nfacct.SlackBuild
index 96d9d2da3..b7c41ff03 100755
--- a/source/n/nfacct/nfacct.SlackBuild
+++ b/source/n/nfacct/nfacct.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for nfacct
 
@@ -22,28 +22,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=nfacct
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "i686" ]; then
   SLKCFLAGS="-O2 -march=i686 -mtune=i686"
diff --git a/source/n/nfacct/slack-desc b/source/n/nfacct/slack-desc
index 18bd3df38..de3e523e7 100644
--- a/source/n/nfacct/slack-desc
+++ b/source/n/nfacct/slack-desc
@@ -2,14 +2,14 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
       |-----handy-ruler------------------------------------------------------|
 nfacct: nfacct (tool to create/retrieve/delete accounting objects)
 nfacct:
 nfacct: nfacct is the command line tool to create/retrieve/delete accounting
-nfacct: objects.  
+nfacct: objects. 
 nfacct:
 nfacct: The main features of nfacct are:
 nfacct: - listing the objects of the nfacct table in plain text/XML
diff --git a/source/n/nfs-utils/doinst.sh b/source/n/nfs-utils/doinst.sh
index 0523f4e7e..911a88cc2 100644
--- a/source/n/nfs-utils/doinst.sh
+++ b/source/n/nfs-utils/doinst.sh
@@ -13,7 +13,6 @@ config() {
 config var/lib/nfs/etab.new
 config var/lib/nfs/rmtab.new
 config var/lib/nfs/state.new
-config var/lib/nfs/xtab.new
 rm -f var/lib/nfs/*.new
 chown -R rpc:rpc var/lib/nfs
 if [ -x etc/rc.d/rc.nfsd ]; then
@@ -21,6 +20,7 @@ if [ -x etc/rc.d/rc.nfsd ]; then
 else
   chmod 644 etc/rc.d/rc.nfsd.new
 fi
+config etc/default/nfs.new
 config etc/rc.d/rc.nfsd.new
 config etc/nfsmount.conf.new
 config etc/exports.new
diff --git a/source/n/nfs-utils/exports b/source/n/nfs-utils/exports
new file mode 100644
index 000000000..418ac6b66
--- /dev/null
+++ b/source/n/nfs-utils/exports
@@ -0,0 +1,4 @@
+# See exports(5) for a description.
+# This file contains a list of all directories exported to other computers.
+# It is used by rpc.nfsd and rpc.mountd.
+
diff --git a/source/n/nfs-utils/ignore_unsupported_address_types_in_nfssvc_setfds.diff b/source/n/nfs-utils/ignore_unsupported_address_types_in_nfssvc_setfds.diff
deleted file mode 100644
index 6384888e9..000000000
--- a/source/n/nfs-utils/ignore_unsupported_address_types_in_nfssvc_setfds.diff
+++ /dev/null
@@ -1,37 +0,0 @@
-From: Christoph Hellwig <hch at lst.de>
-Subject: nfsd: ignore unsupported address types in nfssvc_setfds
-
-Just continue and try a different record returned from getaddrinfo
-if the kernel does not support an address family.  This fixes nfsd
-startup on kernels without IPv6 support.
-
-Suggested-by: Chuck Lever <chuck.lever at oracle.com>
-Signed-off-by: Christoph Hellwig <hch at lst.de>
-
-diff --git a/utils/nfsd/nfssvc.c b/utils/nfsd/nfssvc.c
-index a2b11d8..fc11d23 100644
---- a/utils/nfsd/nfssvc.c
-+++ b/utils/nfsd/nfssvc.c
-@@ -174,15 +174,14 @@ nfssvc_setfds(const struct addrinfo *hints, const char *node, const char *port)
-               sockfd = socket(addr->ai_family, addr->ai_socktype,
-                               addr->ai_protocol);
-               if (sockfd < 0) {
--                      if (errno == EAFNOSUPPORT)
--                              xlog(L_NOTICE, "address family %s not "
--                                              "supported by protocol %s",
--                                              family, proto);
--                      else
-+                      if (errno != EAFNOSUPPORT) {
-                               xlog(L_ERROR, "unable to create %s %s socket: "
-                                    "errno %d (%m)", family, proto, errno);
--                      rc = errno;
--                      goto error;
-+                              rc = errno;
-+                              goto error;
-+                      }
-+                      addr = addr->ai_next;
-+                      continue;
-               }
- #ifdef IPV6_SUPPORTED
-               if (addr->ai_family == AF_INET6 &&
---
diff --git a/source/n/nfs-utils/nfs-utils-1.3.3.tar.sign b/source/n/nfs-utils/nfs-utils-1.3.3.tar.sign
deleted file mode 100644
index 0fcb786fc..000000000
--- a/source/n/nfs-utils/nfs-utils-1.3.3.tar.sign
+++ /dev/null
diff --git a/source/n/nfs-utils/nfs-utils-2.3.1.tar.sign b/source/n/nfs-utils/nfs-utils-2.3.1.tar.sign
new file mode 100644
index 000000000..7d476e093
--- /dev/null
+++ b/source/n/nfs-utils/nfs-utils-2.3.1.tar.sign
diff --git a/source/n/nfs-utils/nfs-utils.SlackBuild b/source/n/nfs-utils/nfs-utils.SlackBuild
index e88004795..147a69b82 100755
--- a/source/n/nfs-utils/nfs-utils.SlackBuild
+++ b/source/n/nfs-utils/nfs-utils.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2013, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=1.3.3
+PKGNAM=nfs-utils
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -46,30 +56,33 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-nfs-utils
 
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
-# Explode the package framework:
-cd $PKG
-explodepkg $CWD/_nfs-utils.tar.gz
+# Add defaults file:
+mkdir -p $PKG/etc/default
+cat $CWD/nfs.default > $PKG/etc/default/nfs.new
 
 # Add startup script:
+mkdir -p $PKG/etc/rc.d
 cat $CWD/rc.nfsd > $PKG/etc/rc.d/rc.nfsd.new
 # Off by default, unless there's a previous version that's turned on:
 chmod 644 $PKG/etc/rc.d/rc.nfsd.new
 
+# Add /etc/exports:
+cp -a $CWD/exports $PKG/etc/exports.new
+chown root:root $PKG/etc/exports.new
+chmod 644 $PKG/etc/exports.new
+
 cd $TMP
 rm -rf nfs-utils-$VERSION
-tar xvf $CWD/nfs-utils-$VERSION.tar.xz || exit 1
+tar xvf $CWD/nfs-utils-$VERSION.tar.?z || exit 1
 cd nfs-utils-$VERSION || exit 1
 
 zcat $CWD/nfs-utils.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1
-# Fix problems on machines without IPv6:
-zcat $CWD/ignore_unsupported_address_types_in_nfssvc_setfds.diff.gz | patch -p1 -l --verbose || exit 1
 
 chown -R root:root .
 find . \
@@ -91,7 +104,7 @@ CFLAGS="$SLKCFLAGS" \
   --enable-tirpc=yes \
   --program-prefix= \
   --program-suffix= \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
@@ -100,12 +113,13 @@ make install DESTDIR=$PKG || exit 1
 cat ./utils/mount/nfsmount.conf > $PKG/etc/nfsmount.conf.new
 mkdir -p $PKG/usr/man/man5
 cat ./utils/mount/nfsmount.conf.man > $PKG/usr/man/man5/nfsmount.conf.5
+
 # Set default protocol version 3:
 sed -i "s/# Defaultvers=4/Defaultvers=3/g" $PKG/etc/nfsmount.conf.new
 
 # These might be in use:
 ( cd $PKG/var/lib/nfs
-  for config_file in etab rmtab state xtab ; do
+  for config_file in etab rmtab state ; do
     mv ${config_file} ${config_file}.new
   done
 )
@@ -121,6 +135,9 @@ mv $PKG/usr/sbin/rpc.statd $PKG/sbin
 # Chown /var/lib/nfs so that rpc.statd runs as rpc:rpc:
 chown -R rpc:rpc $PKG/var/lib/nfs
 
+# Create log directory:
+mkdir -p $PKG/var/log/nfsd
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" \
   | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
diff --git a/source/n/nfs-utils/nfs.default b/source/n/nfs-utils/nfs.default
new file mode 100644
index 000000000..94e574038
--- /dev/null
+++ b/source/n/nfs-utils/nfs.default
@@ -0,0 +1,10 @@
+# See also /etc/default/rpc
+
+# Optional arguments passed to rpc.nfsd. See rpc.nfsd(8)
+# Turn off v2 and v3 protocol support:
+#RPC_NFSD_OPTS="-N 2 -N 3"
+# Turn off v4 protocol support:
+#RPC_NFSD_OPTS="-N 4"
+# Number of nfs server processes to be started.
+# The default is 8.
+#RPC_NFSD_COUNT=8
diff --git a/source/n/nfs-utils/rc.nfsd b/source/n/nfs-utils/rc.nfsd
index b43bd3b8c..965db6b4c 100644
--- a/source/n/nfs-utils/rc.nfsd
+++ b/source/n/nfs-utils/rc.nfsd
@@ -7,6 +7,14 @@
 #
 # Written for Slackware Linux by Patrick J. Volkerding <volkerdi@slackware.com>.
 
+# Source default settings:
+if [ -r /etc/default/rpc ]; then
+  . /etc/default/rpc
+fi
+if [ -r /etc/default/nfs ]; then
+  . /etc/default/nfs
+fi
+
 nfsd_start() {
   # Sanity checks.  Exit if there's no /etc/exports, or if there aren't any
   # shares defined in it.
@@ -51,19 +59,28 @@ nfsd_start() {
   fi
 
   if [ -x /usr/sbin/rpc.rquotad ]; then
-    echo "  /usr/sbin/rpc.rquotad"
-    /usr/sbin/rpc.rquotad
+    if [ -n "$RPC_RQUOTAD_PORT" ]; then
+      RPC_RQUOTAD_OPTS="$RPC_RQUOTAD_OPTS -p $RPC_RQUOTAD_PORT"
+    fi
+    echo "  /usr/sbin/rpc.rquotad $RPC_RQUOTAD_OPTS"
+    /usr/sbin/rpc.rquotad $RPC_RQUOTAD_OPTS
   fi
 
-  # Start 8 nfsd servers by default (an old Sun standard):
+  # Start nfsd servers - 8 if not set otherwise (an old Sun standard):
   if [ -x /usr/sbin/rpc.nfsd ]; then
-    echo "  /usr/sbin/rpc.nfsd 8"
-    /usr/sbin/rpc.nfsd 8
+    if [ -z "$RPC_NFSD_COUNT" ]; then
+      RPC_NFSD_COUNT=8
+    fi
+    echo "  /usr/sbin/rpc.nfsd $RPC_NFSD_OPTS $RPC_NFSD_COUNT"
+    /usr/sbin/rpc.nfsd $RPC_NFSD_OPTS $RPC_NFSD_COUNT
   fi
 
   if [ -x /usr/sbin/rpc.mountd ]; then
-    echo "  /usr/sbin/rpc.mountd"
-    /usr/sbin/rpc.mountd
+    if [ -n "$RPC_MOUNTD_PORT" ]; then
+      RPC_MOUNTD_OPTS="$RPC_MOUNTD_OPTS -p $RPC_MOUNTD_PORT"
+    fi
+    echo "  /usr/sbin/rpc.mountd $RPC_MOUNTD_OPTS"
+    /usr/sbin/rpc.mountd $RPC_MOUNTD_OPTS
   fi
 
 }
diff --git a/source/n/nfs-utils/slack-desc b/source/n/nfs-utils/slack-desc
index 09eefaa44..1a5454d46 100644
--- a/source/n/nfs-utils/slack-desc
+++ b/source/n/nfs-utils/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
          |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/nftables/nftables.SlackBuild b/source/n/nftables/nftables.SlackBuild
index b9a04f1b2..307a30db8 100755
--- a/source/n/nftables/nftables.SlackBuild
+++ b/source/n/nftables/nftables.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2014  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2014, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=nftables
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -59,7 +68,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+tar xf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 
 chown -R root:root .
@@ -79,6 +88,7 @@ LIBS="-lncursesw" \
   --localstatedir=/var \
   --mandir=/usr/man \
   --docdir=/usr/doc/$PKGNAM-$VERSION \
+  --with-xtables \
   --disable-static \
   --build=$ARCH-slackware-linux || exit 1
 
diff --git a/source/n/nftables/slack-desc b/source/n/nftables/slack-desc
index 7071141d1..d1b170437 100644
--- a/source/n/nftables/slack-desc
+++ b/source/n/nftables/slack-desc
@@ -2,14 +2,14 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
         |-----handy-ruler------------------------------------------------------|
 nftables: nftables (packet filtering and classification)
 nftables:
 nftables: nftables provides a new packet filtering framework, a new userspace
-nftables: utility, and also a compatibility layer for {ip,ip6}tables.  nftables
+nftables: utility, and also a compatibility layer for {ip,ip6}tables. nftables
 nftables: is built upon the building blocks of the Netfilter infrastructure such
 nftables: as the existing hooks, the connection tracking system, the userspace
 nftables: queueing component, and the logging subsystem.
diff --git a/source/n/idnkit/idnkit.SlackBuild b/source/n/nghttp2/nghttp2.SlackBuild
index c4603bc0f..0e2099bb0 100755
--- a/source/n/idnkit/idnkit.SlackBuild
+++ b/source/n/nghttp2/nghttp2.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2011  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,31 +20,38 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-PKGNAM=idnkit
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 2 -d - | rev)}
+PKGNAM=nghttp2
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
-  case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
-    arm*) export ARCH=arm ;;
+  case "$(uname -m)" in
+    i?86) ARCH=i586 ;;
+    arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
-       *) export ARCH=$( uname -m ) ;;
+    *) ARCH=$(uname -m) ;;
   esac
+  export ARCH
 fi
 
-NUMJOBS=${NUMJOBS:-" -j7 "}
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-${PKGNAM}
-rm -rf $PKG
-mkdir -p $TMP $PKG
+NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -52,20 +59,31 @@ elif [ "$ARCH" = "s390" ]; then
 elif [ "$ARCH" = "x86_64" ]; then
   SLKCFLAGS="-O2 -fPIC"
   LIBDIRSUFFIX="64"
+elif [ "$ARCH" = "armv7hl" ]; then
+  SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
+  LIBDIRSUFFIX=""
+else
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
 fi
 
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+
 cd $TMP
-rm -rf ${PKGNAM}-${VERSION}
-tar xvf $CWD/${PKGNAM}-$VERSION-src.tar.?z* || exit 1
-cd ${PKGNAM}-$VERSION-src || exit 1
+rm -rf $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
+cd $PKGNAM-$VERSION || exit 1
 
-# Make sure ownerships and permissions are sane:
 chown -R root:root .
 find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
+  \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+  -exec chmod 755 {} \; -o \
+  \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+  -exec chmod 644 {} \;
 
 # Configure:
 CFLAGS="$SLKCFLAGS" \
@@ -74,45 +92,40 @@ CFLAGS="$SLKCFLAGS" \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
   --sysconfdir=/etc \
   --localstatedir=/var \
+  --docdir=/usr/doc/$PKGNAM-$VERSION \
   --mandir=/usr/man \
-  --enable-shared \
   --disable-static \
+  --enable-lib-only \
   --build=$ARCH-slackware-linux || exit 1
 
 # Build and install:
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
-# Fix library perms:
-chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/*
+# Don't ship .la files:
+rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la
 
 # Strip binaries:
-find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
-  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
-
-# Since idnkit appears to work here without configuration files installed,
-# we will only install these as *.sample:
-rm -f $PKG/etc/*.conf
-
-# Compress and link manpages, if any:
-if [ -d $PKG/usr/man ]; then
-  ( cd $PKG/usr/man
-    for manpagedir in $(find . -type d -name "man*") ; do
-      ( cd $manpagedir
-        for eachpage in $( find . -type l -maxdepth 1) ; do
-          ln -s $( readlink $eachpage ).gz $eachpage.gz
-          rm $eachpage
-        done
-        gzip -9 *.* 2> /dev/null
-      )
-    done
-  )
-fi
+( cd $PKG
+  find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+  find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Compress manual pages:
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do
+  ln -s $( readlink $i ).gz $i.gz
+  rm $i
+done
+
+# Actually, since we're only packaging the library, the man pages are not
+# relevant. Dump them:
+rm -rf $PKG/usr/man
 
 # Add a documentation directory:
 mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION
 cp -a \
-  COPYING* INSTALL* LICENSE* NEWS README* \
+  AUTHORS* ChangeLog CHANGES COPYING* LICENSE* NEWS* README* THANKS* TODO* \
   $PKG/usr/doc/${PKGNAM}-$VERSION
 
 # If there's a ChangeLog, installing at least part of the recent history
@@ -127,5 +140,5 @@ mkdir -p $PKG/install
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
-/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
 
diff --git a/source/n/nghttp2/slack-desc b/source/n/nghttp2/slack-desc
new file mode 100644
index 000000000..5d00cbb4a
--- /dev/null
+++ b/source/n/nghttp2/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+       |-----handy-ruler------------------------------------------------------|
+nghttp2: nghttp2 (HTTP/2 library)
+nghttp2:
+nghttp2: This is a library that implements the Hypertext Transfer Protocol
+nghttp2: version 2. An HPACK encoder and decoder are also available as a
+nghttp2: public API.
+nghttp2:
+nghttp2: Homepage: https://nghttp2.org/
+nghttp2:
+nghttp2:
+nghttp2:
+nghttp2:
diff --git a/source/n/nmap/nmap.SlackBuild b/source/n/nmap/nmap.SlackBuild
index 1a20178a5..f980567bf 100755
--- a/source/n/nmap/nmap.SlackBuild
+++ b/source/n/nmap/nmap.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=nmap
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -53,7 +63,6 @@ fi
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-nmap
 
@@ -85,7 +94,7 @@ CFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --docdir=/usr/doc/nmap-$VERSION \
   --without-nmap-update \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/source/n/nmap/slack-desc b/source/n/nmap/slack-desc
index 89e96372e..aa42e5564 100644
--- a/source/n/nmap/slack-desc
+++ b/source/n/nmap/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 nmap: nmap (network scanner)
 nmap:
 nmap: Nmap ("Network Mapper") is an open source utility for network
-nmap: exploration or security auditing.  It was designed to rapidly scan
-nmap: large networks, although it works fine against single hosts.  Nmap
+nmap: exploration or security auditing. It was designed to rapidly scan
+nmap: large networks, although it works fine against single hosts. Nmap
 nmap: uses raw IP packets in novel ways to determine what hosts are
 nmap: available on the network, what services (ports) they are offering,
 nmap: what operating system (and OS version) they are running, what type of
 nmap: packet filters/firewalls are in use, and dozens of other
-nmap: characteristics.  Nmap runs on most types of computers, and both
+nmap: characteristics. Nmap runs on most types of computers, and both
 nmap: console and graphical versions are available.
diff --git a/source/n/nn/nn.SlackBuild b/source/n/nn/nn.SlackBuild
index 41757fcca..880545aeb 100755
--- a/source/n/nn/nn.SlackBuild
+++ b/source/n/nn/nn.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2002-2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2002-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=nn
 VERSION=6.7.3
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-6}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
   MFILE="m-i80386.h"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -47,7 +58,6 @@ else
   MFILE="m-i80386.h"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-nn
 
@@ -65,6 +75,7 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+zcat $CWD/nn_6.7.3-10.diff.gz | patch -p1 --verbose || exit 1
 zcat $CWD/nn.diff.gz \
     | sed -e "s#m-sparc.h#${MFILE}#" \
     | sed -e "s#/usr/lib/nn#/usr/lib${LIBDIRSUFFIX}/nn#" \
@@ -73,23 +84,23 @@ if [ $ARCH = "x86_64" ]; then
 	zcat $CWD/m-x86_64.h.gz > conf/m-x86_64.h
 fi
 zcat $CWD/nn.badnntphost.diff.gz | patch -p1 --verbose || exit 1
-# Taken from slamd64 (who adapted an old Ubuntu patch);
-# Besides adding DESTDIR support, it gets rid of the hardlinks that are created:
-zcat $CWD/nn.destdir.diff.gz | patch -p1 --verbose  || exit 1
 
 cat config.h-dist | sed -e "s#m-sparc.h#${MFILE}#" > config.h
-make all
+make all || exit 1
+
+# We'll pipe the correct options to ./inst
+#echo "*** USE install option 's'"
+#sleep 5
 
-echo "*** USE install option 's'"
-sleep 5
 mkdir -p $PKG/etc $PKG/usr/bin $PKG/usr/lib${LIBDIRSUFFIX} $PKG/usr/man/man{1,8}
-DESTDIR=$PKG ./inst
+cat << EOF | DESTDIR=$PKG ./inst
+s
+q
+EOF
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
-zcat $CWD/nntpserver.gz > $PKG/etc/nntpserver.new
-
 # Compress and link manpages, if any:
 if [ -d $PKG/usr/man ]; then
   ( cd $PKG/usr/man
@@ -122,7 +133,6 @@ mkdir -p $PKG/usr/doc/nn-$VERSION/contrib
   $PKG/usr/doc/nn-$VERSION/contrib )
 
 mkdir -p $PKG/install
-zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
diff --git a/source/n/nn/nn.badnntphost.diff b/source/n/nn/nn.badnntphost.diff
index 919b7d42e..ccb6de788 100644
--- a/source/n/nn/nn.badnntphost.diff
+++ b/source/n/nn/nn.badnntphost.diff
@@ -1,14 +1,11 @@
---- ./nntp.c.orig	2005-04-19 18:06:51.000000000 -0500
-+++ ./nntp.c	2006-06-27 17:14:32.000000000 -0500
-@@ -913,8 +913,9 @@
- 
+--- ./nntp.c.orig	2017-01-04 15:03:32.235592431 -0600
++++ ./nntp.c	2017-01-04 15:06:09.724603794 -0600
+@@ -918,7 +918,7 @@
      if ((hp = gethostbyname(nntp_server)) != NULL)
  	server_real_name = hp->h_name;
--    else
+     else
 -	nn_exitmsg(1, "NNTPSERVER is invalid");
-+    else {
-+	nn_exitmsg(1, "NNTP host is invalid -- please edit /etc/nntpserver");
-+    }
-     use_nntp = (strcmp(host_name, server_real_name) != 0);
- 
-     if (use_nntp) {
++        nn_exitmsg(1, "NNTP host is invalid -- please edit /etc/nntpserver");
+ #ifdef USE_SPOOL
+     use_nntp = (strcasecmp(host, server_real_name) != 0);
+ #else /* USE_SPOOL */
diff --git a/source/n/nn/nn.destdir.diff b/source/n/nn/nn.destdir.diff
deleted file mode 100644
index fe4bdf04b..000000000
--- a/source/n/nn/nn.destdir.diff
+++ /dev/null
@@ -1,179 +0,0 @@
-# Taken from the Slamd64 repository
-# Thanks Fred/Frank
---- nn-6.7.3/inst.sh.orig	2006-08-14 00:19:40.000000000 +0100
-+++ nn-6.7.3/inst.sh	2006-08-14 00:32:12.000000000 +0100
-@@ -60,11 +60,11 @@
- 	fi
- fi
- 
--set $RECMAIL
--if [ ! -f "$1" ]
--then
--	echo ERROR: Mailer program $RECMAIL not found.
--fi
-+#set $RECMAIL
-+#if [ ! -f "$1" ]
-+#then
-+#	echo ERROR: Mailer program $RECMAIL not found.
-+#fi
- ) > ErrorCheck
- 
- if [ -s ErrorCheck ]
-@@ -246,69 +246,69 @@
- 
- bin)
- 	echo
--	if [ ! -d "$BIN"/. ]
-+	if [ ! -d "$DESTDIR/$BIN"/. ]
- 	then
--		echo Directory $BIN does not found!
-+		echo Directory $DESTDIR/$BIN does not found!
- 		exit 1
- 	fi
- 
--	echo Installing user programs in $BIN
-+	echo Installing user programs in $DESTDIR/$BIN
- 
--	if [ -f $BIN/nn ]
-+	if [ -f $DESTDIR/$BIN/nn ]
- 	then
- 	     (
--		cd $BIN
-+		cd $DESTDIR/$BIN
- 		mv nn nn.old
--		rm -f $BIN_PROG $BIN_LINK
-+		rm -f $BIN_PROG $DESTDIR/$BIN_LINK
- 	     )
- 	fi
- 
- 	for prog in $BIN_PROG
- 	do
--		./inst copy 755 $BIN $prog
-+		./inst copy 755 $DESTDIR/$BIN $prog
- 	done
- 
- 	for link in $BIN_LINK
- 	do
--		ln $BIN/nn $BIN/$link
-+		ln -s nn $DESTDIR/$BIN/$link
- 		echo $link linked to nn
- 	done
- 
--	if [ -f $BIN/nnacct ] ; then
--		chmod 4755 $BIN/nnacct
-+	if [ -f $DESTDIR/$BIN/nnacct ] ; then
-+		chmod 4755 $DESTDIR/$BIN/nnacct
- 		echo nnacct is setuid ${OWNER}.
- 	fi
- 	;;
- 
- aux)
- 	echo
--	./inst mkdir $LIB 755 || exit 1
-+	./inst mkdir $DESTDIR/$LIB 755 || exit 1
- 
- 	echo Installing auxiliary programs in $LIB
- 
- 	for prog in $LIB_PROG
- 	do
--		./inst copy 755 $LIB $prog
-+		./inst copy 755 $DESTDIR/$LIB $prog
- 	done
- 
--	./mkprefix conf > ${LIB}/conf
-+	./mkprefix conf > $DESTDIR/${LIB}/conf
- 	grep "^#" config.h |
--	sed -e '/_MAN_/d' -e 's/[ 	]*\/\*.*$//' >> ${LIB}/conf
--	./inst chmod 644 ${LIB}/conf
-+	sed -e '/_MAN_/d' -e 's/[ 	]*\/\*.*$//' >> $DESTDIR/${LIB}/conf
-+	./inst chmod 644 $DESTDIR/${LIB}/conf
- 	;;
- 
- help)
--	./inst mkdir $HELP 755 || exit 1
-+	./inst mkdir $DESTDIR/$HELP 755 || exit 1
- 
- 	echo
--	echo Installing help files in $HELP
-+	echo Installing help files in $DESTDIR/$HELP
- 
- 	cd help
- 	for h in *
- 	do
- 		cd ..
--		./cvt-help < help/$h > $HELP/$h
--		./inst chmod 644 $HELP/$h
-+		./cvt-help < help/$h > $DESTDIR/$HELP/$h
-+		./inst chmod 644 $DESTDIR/$HELP/$h
- 		echo $h
- 		cd help
- 	done
-@@ -327,32 +327,35 @@
- 	} |
- 	while read DIR SECT SRC
- 	do
--		if [ -d "$DIR"/. ]
-+		if [ -d "$DESTDIR/$DIR"/. ]
- 		then
- 			for i in man/*$SRC
- 			do
- 				MAN=`basename ${i} $SRC`
--				NEW=$DIR/${MAN}.$SECT
--				sed -e '/^\.TH /s/6.7/'${PL}'/' $i > $NEW
--				./inst chmod 644 $NEW
--				echo $MAN in $NEW
-+				if [ $MAN != 'nnmaster' ]
-+				then
-+					NEW=$DESTDIR/$DIR/${MAN}.$SECT
-+					sed -e '/^\.TH /s/6.7/'${PL}'/' $i > $NEW
-+					./inst chmod 644 $NEW
-+					echo $MAN in $NEW
-+				fi
- 			done
- 		else
--			echo $DIR not found or not writeable
-+			echo $DESTDIR/$DIR not found or not writeable
- 		fi
- 	done
- 	;;
- 
- online)
--	./inst mkdir $HELP 755 || exit 1
-+	./inst mkdir $DESTDIR/$HELP 755 || exit 1
- 
- 	MAN=$HELP/Manual
- 
- 	echo
--	echo "Formatting online manual $MAN"
-+	echo "Formatting online manual $DESTDIR/$MAN"
- 	echo ".... (continues in background) ...."
- 
--	rm -f $MAN
-+	rm -f $DESTDIR/$MAN
- 
- 	(
- 	sed 	-e 's/\\f[BPI]//g' \
-@@ -362,9 +365,9 @@
- 		-e '/^\.if/d' -e '/^\.ta/d' -e '/^\.nr/d' \
- 		-e '/^\.in/d' -e 's/^\.[BI] //' \
- 		`ls -1 man/*.? man/*.??` |
--	${AWK} -f format.awk - > $MAN
-+	${AWK} -f format.awk - > $DESTDIR/$MAN
- 
--	./inst chmod 644 $MAN
-+	./inst chmod 644 $DESTDIR/$MAN
- 	) &
- 	;;
- 
-@@ -502,9 +505,9 @@
- 
- done
- 
--if [ -f $LOG ]
-+if [ -f $DESTDIR/$LOG ]
- then
--	chmod 666 $LOG
-+	chmod 666 $DESTDIR/$LOG
- fi
- 
- if $PAUSE
diff --git a/source/n/nn/nn_6.7.3-10.diff b/source/n/nn/nn_6.7.3-10.diff
new file mode 100644
index 000000000..902da4815
--- /dev/null
+++ b/source/n/nn/nn_6.7.3-10.diff
@@ -0,0 +1,2924 @@
+--- nn-6.7.3.orig/Makefile
++++ nn-6.7.3/Makefile
+@@ -24,7 +24,7 @@
+ #CPP =		/lib/cpp
+ #CPP =		/usr/bin/cpp -no-cpp-precomp	# for MacOS X
+ 
+-CFLAGS =	-O # -g -Wall -ansi -pedantic
++CFLAGS =	-O2 # -g -Wall -ansi -pedantic
+ #CFLAGS =	-O # -w0 -g3			# for DEC
+ 
+ MAKE =		make
+@@ -61,6 +61,7 @@
+ 	sed -e '1,/MAKE WILL CUT HERE/d' \
+ 	    -e '/^#/d' \
+ 	    -e 's/^  */	/' \
++ 	    -e 's/^ /	/' \
+ 	    -e '/^[ \f	]$$/d' \
+ 	    -e '/^[ \/]*[*]/d' | \
+ 	sed -n -e '/^..*$$/p' > ymakefile
+--- nn-6.7.3.orig/admin.c
++++ nn-6.7.3/admin.c
+@@ -764,7 +764,7 @@
+ 		goto tr_failed;
+ 	    }
+ 	    log_entry('A', "Log Truncated");
+-	    chmod(log_file, 0666);
++	    chmod(log_file, 0644);
+ 	}
+ 	return;
+ 
+--- nn-6.7.3.orig/answer.c
++++ nn-6.7.3/answer.c
+@@ -167,7 +167,7 @@
+ 
+     ng = use_follow && news.ng_follow ? news.ng_follow : news.ng_groups;
+     if (ng == NULL)
+-	return;
++       return;
+ 
+     fprintf(t, "Newsgroups: %s\n", ng);
+     ed_line++;
+--- nn-6.7.3.orig/aux.c
++++ nn-6.7.3/aux.c
+@@ -507,7 +507,7 @@
+ 		prompt_line = Lines - 1;
+ 		prompt("To: ");
+ 		unset_raw();
+-		if (getline(&cc[0], sizeof(cc)) == 0)
++		if (local_getline(&cc[0], sizeof(cc)) == 0)
+ 		    cc[0] = CR;
+ 		nn_raw();
+ 		if (cc[0] != CR)
+--- nn-6.7.3.orig/aux.sh
++++ nn-6.7.3/aux.sh
+@@ -282,7 +282,7 @@
+     # call editor to enter at line $ED_LINE of work file
+ 
+     case `basename "${EDITOR-vi}"` in
+-    vi|emacs|emacsclient|pico|joe )
++    vi|emacs|emacsclient|pico|joe|jove|jv )
+       # Berkeley vi display editor
+       # GNU emacs display editor
+       # pico display editor
+@@ -484,6 +484,10 @@
+   ?*)
+     echo "To: $CC" > $TEMP
+     sed -e "s/^To:/X-To:/" $FINAL >>$TEMP
++    echo "
++------
++This is a Cc: of an article on USENET sent to you for your convenience.
++------" >> $TEMP
+     if $MAILER_PIPE ; then
+       $MAILER < $TEMP
+       x=$?
+--- nn-6.7.3.orig/conf/s-linux.h
++++ nn-6.7.3/conf/s-linux.h
+@@ -187,7 +187,7 @@
+ 
+ /* #define	MAILX		"/usr/bin/mailx"	/* SV */
+ /* #define	MAILX	"/usr/ucb/Mail"		/* BSD */
+-#define	MAILX	"/bin/mailx"	/* linux */
++#define	MAILX	"/usr/bin/mailx"	/* linux */
+ 
+ /*
+  *	Define the maximum length of any pathname that may occur
+@@ -225,7 +225,7 @@
+  *	Define standard compiler flags here:
+  */
+ 
+-#define COMPILER_FLAGS -O2
++#define COMPILER_FLAGS -O2 -fno-strength-reduce -fomit-frame-pointer -pipe
+ 
+ /*
+  *	Define standard loader flags here:
+--- nn-6.7.3.orig/config.h-dist
++++ nn-6.7.3/config.h-dist
+@@ -23,6 +23,10 @@
+ 
+ /************************* NOV CONFIGURATION ******************************
+  *
++ *	Define USE_SPOOL if you want to be able to read directly on a news
++ *	spool. You may have to also correct NOV_DIRECTORY NOV_FILENAME and 
++ *	NEWS_DIRECTORY settings to match your local Spool-Configuration.
++ *
+  *	Define NOV if you have access to .overview files in your news spool
+  *	area and you want to use them rather than run nnmaster.
+  *	If you use NNTP and your server is INN 1.4 or later with XOVER support
+@@ -39,6 +43,9 @@
+  *	NOV_DIRECTORY and NOV_FILENAME can normally be left undefined.
+  */
+ 
++/* Optional */
++/* #define USE_SPOOL */
++
+ #define NOV
+ 
+ /* Optional */
+--- nn-6.7.3.orig/debian/README.Debian
++++ nn-6.7.3/debian/README.Debian
+@@ -0,0 +1,28 @@
++nn for Debian
++-------------
++
++* LOCAL SPOOL reading.
++
++  Reading directly on spool disabled, because we have to many
++  newsserver-setups which characteristics have to compiled into this package.
++
++  Joey (Martin Schulze <joey@debian.org>) has patched nn so it is able to use
++  both local spool and remote news servers.  To use the local spool variant
++  you have to ensure that the local hostname and the name of the news server
++  (see for /etc/news/server) are the same.  They are compared case
++  insensitive.
++
++  Reading on local spool only works if you use traditional spool.  To enable
++  it, you have to change the settings for USE_SPOOL and NOV* in
++  debian/config.h and then recompile.
++
++ -- Cord Beermann <cord@debian.org>  Thu, 21 Feb 2002 00:21:45 +0100
++
++* RFC1522-Patch pulled.
++
++  I removed the patch that tried to interpret iso-encodings in Subject/From
++  and so on, because RFC1522 is obsolete, the patch is ugly and unmaintained.
++
++  If you want it back drop me a note.
++
++ -- Cord Beermann <cord@debian.org>  Thu, 01 Oct 2005 23:37:19 +0200
+--- nn-6.7.3.orig/debian/TODO
++++ nn-6.7.3/debian/TODO
+@@ -0,0 +1,3 @@
++* RFC1522-Patch is only useful for reading. for writing there 
++  should be Content-*-Headers.
++* mktemp should be replaced by tmpfile.
+--- nn-6.7.3.orig/debian/changelog
++++ nn-6.7.3/debian/changelog
+@@ -0,0 +1,371 @@
++nn (6.7.3-10) unstable; urgency=medium
++
++  * add patch by Chris Lamb <lamby@debian.org> for reproducable builds.
++    (closes: #776764)
++  * bumb debhelper to 9
++
++ -- Cord Beermann <cord@debian.org>  Thu, 20 Aug 2015 13:39:10 +0200
++
++nn (6.7.3-9) unstable; urgency=low
++
++  * The DebConf-Release
++  * Bump Standard-Version to 3.9.6
++  * Reconfigured Hardening to make lintian happy
++
++ -- Cord Beermann <cord@debian.org>  Mon, 10 Aug 2015 21:22:13 +0200
++
++nn (6.7.3-8) unstable; urgency=low
++
++  * define MAXHOSTNAMELEN if not already set for the Hurd.
++
++ -- Cord Beermann <cord@debian.org>  Sun, 24 Jun 2012 10:35:12 +0200
++
++nn (6.7.3-7) unstable; urgency=low
++
++  * Fix a lintian-override thanks to: Jakub Wilk <jwilk@debian.org> 
++    (closes: #642239)
++
++ -- Cord Beermann <cord@debian.org>  Sun, 24 Jun 2012 10:03:38 +0200
++
++nn (6.7.3-6) unstable; urgency=low
++
++  * disabled DEB_BUILD_HARDENING_FORMAT
++
++ -- Cord Beermann <cord@debian.org>  Sat, 23 Jun 2012 20:34:59 +0200
++
++nn (6.7.3-5) unstable; urgency=low
++
++  * fix debian/rules to have a config.h when we need it.
++
++ -- Cord Beermann <cord@debian.org>  Sat, 23 Jun 2012 19:12:01 +0200
++
++nn (6.7.3-4) unstable; urgency=low
++
++  * Acknowledge NMUs (closes: #628348)
++  * Add Hardening
++  * Remove Template from watch-File
++  * Fixed duplicate changelog
++  * Bump Standard to 3.9.3 (no changes)
++
++ -- Cord Beermann <cord@debian.org>  Thu, 21 Jun 2012 23:18:07 +0200
++
++nn (6.7.3-3.1) unstable; urgency=low
++
++  * Non-maintainer upload.
++  * Fix "FTBFS: ymakefile:12: *** commands commence before first target.
++    Stop.": add patch from Ubuntu / Andreas Moog:
++    - Escape backslashes in makefile template to fix FTBFS (LP: #756213)
++      (Closes: #628348)
++
++ -- gregor herrmann <gregoa@debian.org>  Tue, 25 Oct 2011 18:24:08 +0200
++
++nn (6.7.3-3) unstable; urgency=low
++
++  * add spanish Translation (closes: #570354)
++  * Acknowledge NMUs
++  * Make Lintian happy
++    + Fixed typos 
++    + moving nn-eu.po to eu.po
++    + Bumped Policy-version
++    + DH version 7
++
++ -- Cord Beermann <cord@debian.org>  Tue, 25 May 2010 17:44:40 +0200
++
++nn (6.7.3-2.2) unstable; urgency=low
++
++  * Non-maintainer upload.
++  * Rename local getline func to local_getline. (Closes: #552849, #548461).
++  * Add Italian debconf translation. (Closes: #504995).
++    + Thanks to Luca Monducci.
++
++ -- Barry deFreese <bdefreese@debian.org>  Sat, 31 Oct 2009 20:55:20 -0400
++
++nn (6.7.3-2.1) unstable; urgency=low
++
++  * Non-maintainer upload to fix bashism in build process.
++  * Modified prefix.c to check for a NULL value when generating shell
++    scripts headers (closes: #459108)
++  * Added nl.po and pt_BR.po contributed by Bart Cornelis and Eder L. Marques
++    (closes: #419733) (closes: #447150)
++  * Fixed text lines in the manpages with a leading dot.
++  * Converted debian copyright file to utf8.
++  * Updated menu file "Apps/Net" -> "Applications/Network/Communication".
++
++ -- Maximiliano Curia <maxy@gnuservers.com.ar>  Sat, 08 Mar 2008 16:07:37 -0200
++
++nn (6.7.3-2) unstable; urgency=medium
++
++  * debconf translations
++    + added ka.po and vi.po (closes: #399496) (sorry, Christian)
++  * no more changes, should be safe for release...
++
++ -- Cord Beermann <cord@debian.org>  Wed,  3 Jan 2007 22:34:53 +0100
++
++nn (6.7.3-1) unstable; urgency=low
++
++  * New upstream release (no significant changes)
++  * debconf translations
++    + added basque translation (closes: #331351)
++    + updated swedish translation (closes: #331351)
++    + updated russian translation (closes: #361657)
++    + added portugese translation (closes: #381633)
++  * Fix up broken templates/config/postinst files (closes: #335270)
++    (many thanks to  J S Bygott for figuring this out)
++  * Fix bashism (closes: #376430)
++  * bumped Standards-Version, no change.
++
++ -- Cord Beermann <cord@debian.org>  Sun, 19 Nov 2006 13:40:15 +0100
++
++nn (6.7.2-1) unstable; urgency=low
++
++  * New upstream (closes: #325055)
++    + fixed AUTO-Domain-problem (closes: #190599)
++  * Update debian/watch
++  * debconf translations
++    + added japanese (closes: #308748)
++    + changed german (closes: #311853)
++    + added vietnamese (closes: #316060)
++    + added french (closes: #299252)
++    + added czech (closes: #309078)
++    + added danish (closes: #323364)
++  * Bumped Standard-version
++  * added {misc:Depend}
++  * Make Lintian happy
++    + removed non-bashism from nn.config
++
++ -- Cord Beermann <cord@debian.org>  Sat,  1 Oct 2005 21:50:12 +0200
++
++nn (6.6.5-2) unstable; urgency=low
++
++  * Applied patch by  Martin Quinson <martin.quinson@imag.fr> for
++    gettext-based debconf templates (closes: #237443)
++  * Applied patch by  Andreas Jochens <aj@andaco.de> to let nn also
++    build with gcc-4.3 (closes: #265531)
++  * make lintian happy:
++    + fixed three manpages.
++    + fixed debian/menu
++    + added sendmail as alternative for mail-transport-agent
++  * bumped Standards-Version, no change.
++
++ -- Cord Beermann <cord@debian.org>  Sat, 26 Feb 2005 22:03:22 +0100
++
++nn (6.6.5-1) unstable; urgency=low
++
++  * New upstream release
++    - nnview no longer tries to connect to the NNTPSERVER
++    - DOMAIN can now be defined even if HIDDENNET isn't
++    - nn no longer segfaults if it reconnects during initial authentication
++  * added danish debconf-template (closes: #174796)
++  * closing old bug. Reporter didn't respond to question if his problem is
++    fixed. I think the problem (displaying errorcodes) is. (closes: #9356)
++
++ -- Cord Beermann <cord@debian.org>  Mon, 10 Feb 2003 16:05:00 +0100
++
++nn (6.6.4-1) unstable; urgency=low
++
++  * New upstream release
++    + fixes security problem. (closes: #150418)
++  * added /etc/news to the nn-dirs. (closes: #134002)
++  * added russian debconf-template (closes: #136601)
++  * removed apostrophe from description. (closes: #139730)
++
++ -- Cord Beermann <cord@debian.org>  Fri, 28 Jun 2002 19:50:10 +0200
++
++nn (6.6.2-5) unstable; urgency=low
++
++  * reactivated Digests, since it looks like it works again. 
++    (closes: #129654)
++
++ -- Cord Beermann <cord@debian.org>  Thu, 31 Jan 2002 23:41:10 +0100
++
++nn (6.6.2-4) unstable; urgency=low
++
++  * fixed a buffer-overflow in RfC1522-Patch. 
++    (Thanks to Elrond for the patch)
++  * added fix by Bob Hain <bob@me.umn.edu> to workaround HIDDENNET
++
++ -- Cord Beermann <cord@debian.org>  Fri,  2 Nov 2001 22:04:36 +0100
++
++nn (6.6.2-3) unstable; urgency=low
++
++  * disabled check for $MTA. Debian-Dependency will do this for us.
++    (closes: #116641)
++
++ -- Cord Beermann <cord@debian.org>  Tue, 23 Oct 2001 20:42:27 +0200
++
++nn (6.6.2-2) unstable; urgency=low
++
++  * fixed symlinks.
++  * added german-template to debconf (closes: #116471)
++  * removed old MANIFEST-File as we don't need it anymore for building.
++  * written man-page for nnbatch.
++
++ -- Cord Beermann <cord@debian.org>  Sun, 21 Oct 2001 12:07:06 +0200
++
++nn (6.6.2-1) unstable; urgency=low
++
++  * New upstream release
++  * finally Lintian-happy
++
++ -- Cord Beermann <cord@debian.org>  Fri, 19 Oct 2001 20:51:36 +0200
++
++nn (6.6.0-4) unstable; urgency=low
++
++  * making lintian happy.
++    - upstream changelog now correct.
++    - debconf removed from Build-dependency and added to dependency.
++    - changed odd 'Upstream Author(s)'
++    - nnbatch.1 gets undocumented-manpage.
++
++ -- Cord Beermann <cord@debian.org>  Wed,  3 Oct 2001 11:41:14 +0200
++
++nn (6.6.0-3) unstable; urgency=low
++
++  * moved Logfile to $USER/.nn (close a point out of the reopened #9356)
++  * reverted mkstemp back to mktemp.
++  * remove update.h on clean.
++  * Build-dependency changed from libncurses5-dev to libncurses-dev
++
++ -- Cord Beermann <cord@debian.org>  Wed,  3 Oct 2001 11:41:14 +0200
++
++nn (6.6.0-2) unstable; urgency=low
++
++  * removed -malign-{loops,jumps,functions} from Compiler-Flags. 
++    (closes: #114028)
++  * real fixing build problem with gcc-3.x. Programs which use different
++    meanings to Tabs and spaces have to die! (closes: #104956)
++
++ -- Cord Beermann <cord@debian.org>  Mon,  1 Oct 2001 11:32:10 +0200
++
++nn (6.6.0-1) unstable; urgency=low
++
++  * New Maintainer.
++  * Package rebuilt from scratch.
++  * New upstream release. changes include:
++    - support for NNTP AUTH. Can't find information XAUTHINFO GENERIC.
++      (closes: #9356)
++    - 'mailed to the moderator' added to aux-script. (closes: #54333)
++  * added RfC1522-patch by Kristian Koehntopp and Stefan Roerich
++  * added a patch by Daniel Merritt <merritt@highlander.cbnet.ns.ca> which
++    prevents nn from crashing if NNTPSERVER contains an unresolveable name.
++    (closes: #97074)
++  * disabled NOV, it causes different problems. People should read per NNTP or
++    have to recompile to read directly on spool. (closes: #84409, #105759)
++  * NMU fixes finally closed. (closes: #83855, #90457, #92105)
++  * guessed that the Bugreport from hppa-autobuilder could be this: fixed
++    build problem with gcc-3.x (fix found in news.software.nn by Neil W
++    Rickert <rickert+nn@cs.niu.edu>) (closes: #104956)
++    Please make sure that new Bugreports are more meaningful!
++  * Bug has disappeared (closes: #83442)
++
++ -- Cord Beermann <cord@debian.org>  Sat, 22 Sep 2001 21:11:46 +0200
++
++nn (6.5.1-7.2) unstable; urgency=low
++
++  * Added the missing build dependency on gawk.
++    (closes: #90457, #92105)
++  * Standards-Version: 3.1.1
++
++ -- Adrian Bunk <bunk@fs.tum.de>  Sun, 15 Apr 2001 00:54:44 +0200
++
++nn (6.5.1-7.1) unstable; urgency=low
++
++  * Non-maintainer upload
++  * Fix compilation with libncurses5-dev 5.2.20010310-2. Fixes: #83855
++  * Added Build-Depends on libncurses5-dev.
++  * Fixed menu file (lintian error).
++  * Added -isp to dpkg-gencontrol (lintian warning).
++  * Moved docs to /usr/share/doc and added code to postinst and prerm to
++    handle the /usr/doc symlinks (lintian error).
++
++ -- Paul Martin <pm@debian.org>  Sun, 18 Mar 2001 20:03:52 +0000
++
++nn (6.5.1-7) unstable; urgency=low
++
++  * The postinst script will now create /etc/news if it does not exist
++    (closes: Bug#49639)
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Fri, 12 Nov 1999 21:04:10 +0100
++
++nn (6.5.1-6) unstable; urgency=low
++
++  * Reverted patch for 6.5.1-5 since the bug was mistakenly taken care
++    of.  In our policy Section 2.3.8 talks about /etc/nntpserver but
++    section 4.6 talks about /etc/news/server.  It seems that the
++    reference to /etc/nntpserver was just left in by accident when policy
++    was updated to use /etc/news/server.  See also Bug#21875
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Tue, 20 Apr 1999 00:18:49 +0200
++
++nn (6.5.1-5) unstable; urgency=low
++
++  * Changed location for NNTP server to /etc/nntpserver (closes:
++    Bug#Bug#36135)
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Fri, 16 Apr 1999 10:18:15 +0200
++
++nn (6.5.1-4) frozen unstable; urgency=low
++
++  * Re-upload into frozen
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Sun,  8 Nov 1998 12:41:48 +0100
++
++nn (6.5.1-3) unstable; urgency=low
++
++  * Corrected menu file (closes: Bug#29119)
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Sat,  7 Nov 1998 18:05:00 +0100
++
++nn (6.5.1-2) frozen unstable; urgency=medium
++
++  * Reupload into frozen because the distribution was changed suddenly
++    *after* the last upload so it went into the wrong one.
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Tue,  3 Nov 1998 23:08:25 +0100
++
++nn (6.5.1-1) unstable; urgency=low
++
++  * New maintainer
++  * New upstream source (close: Bug#12973)
++  * New packaging scheme
++  * New menu file
++  * Updated Standards-Version
++  * New config.h, placed it into the debian directory instead of a set of
++    only half working sed rules
++  * Updated copyright file
++  * Moved tmp directory to /tmp (was: /var/tmp)
++  * Turned all insecure gets() into size-checking fgets() calls
++  * Some variables are now initialized with proper values
++  * Extracted <term.h> and placed a locally modified copy in the debian
++    directory
++  * Removed nnbatch
++  * Turned strcmp() into strcasecmp() for comparing the local hostname
++    with the nntp server.  This would turn even more machines into use
++    local spool files.
++  * Included old README since it still contains information
++  * Introduced NEWS_VAR_DIRECTORY alias news_var_directory to provide the
++    distinction between /usr/lib/news and /var/lib/news (closes: Bug#4181,
++    Bug#5296, Bug#5815, Bug#8092, Bug#12980)
++  * Reworked description (closes: Bug#18968)
++  * Removed absolute path to inews *sigh* (closes: Bug#14025)
++  * Reworked postinst (closes: Bug#12591)
++  * Added NULL-test to nntp_check(), thanks dark (closes: Bug#8093)
++  * Included sample init file (closes: Bug#7684, Bug#24235)
++  * Added patch from Franco Venturi <fventuri@mediaone.net> to be able to
++    work with more than 32k active newsgroups (closes: Bug#22024)
++
++ -- Martin Schulze <joey@finlandia.infodrom.north.de>  Sun,  1 Nov 1998 02:35:48 +0100
++
++nn (6.5.0.b3.linux.1.1-1.1) unstable; urgency=low
++  
++  * Non-maintainer release.
++  * Libc6 compile.
++  * Updated from pre 2.0.0.0 standards.
++
++ -- Martin Mitchell <martin@debian.org>  Wed, 12 Nov 1997 21:44:07 +1100
++
++
++
++Local variables:
++mode: debian-changelog
++End:
+--- nn-6.7.3.orig/debian/compat
++++ nn-6.7.3/debian/compat
+@@ -0,0 +1 @@
++9
+--- nn-6.7.3.orig/debian/config.h
++++ nn-6.7.3/debian/config.h
+@@ -0,0 +1,441 @@
++/**************************** NN CONFIGURATION ***************************
++ *
++ *	Configuration file for nn.
++ *
++ *	You must edit this file to reflect your local configuration
++ *	and environment.
++ *
++ *	Before editing this file, read the licence terms in the README
++ *	file and the installation guidelines in the INSTALLATION file.
++ *
++ *	(c) Copyright 1990, Kim F. Storm.  All rights reserved.
++ */
++
++
++
++/*
++ * The Good Net-Keeping Seal of Approval folks seem to think it necessary to
++ * waste screen real estate with headers.  For such people, uncomment the
++ * following to change the default headers
++ */
++
++/* #define GNKSA	*/
++
++
++/************************* NOV CONFIGURATION ******************************
++ *
++ *	Define USE_SPOOL if you want to be able to read directly on a news
++ *	spool. You may have to also correct NOV_DIRECTORY NOV_FILENAME and 
++ *	NEWS_DIRECTORY settings to match your local Spool-Configuration.
++ *
++ *	Define NOV if you have access to .overview files in your news spool
++ *	area and you want to use them rather than run nnmaster.
++ *	If you use NNTP and your server is INN 1.4 or later with XOVER support
++ *	and is generating .overview files there, you can use NOV over NNTP. In
++ *	that case, make sure you define NNTP below as well.
++ *
++ *	If your NOV implementation doesn't have records for digests (none
++ *	that I know of do), you might want to define 'DO_NOV_DIGEST'.
++ *	This will cause nn to grab a digest article and split it apart
++ *	before anything has been selected to be read from that article.
++ *	'DO_NOV_DIGEST' is necessary if you want any digests (like
++ *	'comp.risks') to be automatically split.
++ *
++ *	NOV_DIRECTORY and NOV_FILENAME can normally be left undefined.
++ */
++
++/* Optional */
++/* #define USE_SPOOL */
++
++#define NOV
++
++/* Optional */
++#define DO_NOV_DIGEST
++
++/* Optional */
++/* #define NOV_DIRECTORY	"/usr/spool/news"	*/
++
++/* Optional */
++/* #define NOV_FILENAME		".overview"		*/
++
++
++/********************************** NNTP *********************************
++ *
++ *	Define NNTP to enable nntp support.  If you are not using NNTP,
++ *	just leave the following NNTP_* definitions as they are - they
++ *	will be ignored anyway.
++ */
++
++#define NNTP
++
++/*
++ *	Define NNTP_SERVER to the name of a file containing the name of the
++ *	nntp server (aka the newsserver you connect to).
++ *
++ *	If the file name does not start with a slash, it is relative to
++ *	LIB_DIRECTORY defined below.
++ */
++
++#define NNTP_SERVER	"/etc/news/server"
++
++/*
++ *  Define your local domain name.  If you leave this undefined, nn will
++ *  attempt to discover it.
++ *  See comment below on HIDDENNET.
++ */
++
++/* #define DOMAIN	"frobozz.bogus" */
++
++/*
++ *  If you define HIDDENNET, the hostname will not appear in the posting
++ *  data except on the path.  Items will be from user@DOMAIN (with
++ *  DOMAIN as defined above).  If you don't want this, comment it out.
++ */
++
++#define HIDDENNET
++
++
++/***************** OPERATING SYSTEM DEPENDENT DEFINITIONS *******************
++ *
++ *	Include the appropriate s- file for your system below.
++ *
++ *	If a file does not exist for your system, you can use
++ *	conf/s-template.h as a starting point for writing you own.
++ */
++
++#include "s-linux.h"
++
++/*
++ *	Define DEFAULT_PAGER as the initial value of the 'pager' variable.
++ *	nnadmin pipes shell command output though this command.
++ */
++
++/* #define DEFAULT_PAGER	"pg -n -s"	*/	/* System V */
++#define DEFAULT_PAGER		"sensible-pager"			/* bsd */
++
++/*
++ *	DEFAULT_PRINTER is the initial value of the 'printer' variable.
++ *	nn's :print command pipes text into this command.
++ */
++
++/* #define DEFAULT_PRINTER	"lp -s"		*/	/* System V */
++#define DEFAULT_PRINTER		"lpr -p -JNEWS"		/* bsd */
++
++
++/********************** MACHINE DEPENDENT DEFINITIONS **********************
++ *
++ *	Include the appropriate m- file for your system below.
++ *
++ *	If a file does not exist for your system, you can use
++ *	conf/m-template.h as a starting point for writing you own.
++ */
++
++#include "m-i80386.h"
++
++
++/***************************** OWNERSHIP ***************************
++ *
++ *	Specify owner and group for installed files and programs.
++ *
++ *	The nnmaster will run suid/sgid to this owner and group.
++ *
++ *	The only requirements are that the ownership allows the
++ *	nnmaster to READ the news related files and directories, and
++ *	the ordinary users to read the database and execute the nn*
++ *	programs.
++ *
++ *	Common choices are: (news, news) and (your uid, your gid)
++ */
++
++#define OWNER	"news"
++#define GROUP	"news"
++
++
++/**************************** LOCALIZATION ****************************
++ *
++ *	Specify where programs and files are installed.
++ *
++ *	BIN_DIRECTORY	 - the location of the user programs (mandatory)
++ *
++ *	LIB_DIRECTORY	 - the location of auxiliary programs and files.
++ *			   (mandatory UNLESS ALL of the following are defined).
++ *
++ *	MASTER_DIRECTORY - the location of the master program (on server)
++ *			   (= LIB_DIRECTORY if undefined)
++ *
++ *	CLIENT_DIRECTORY - the location of auxiliary programs (on clients)
++ *			   (= LIB_DIRECTORY if undefined)
++ *
++ *	HELP_DIRECTORY	 - the location of help files, online manual, etc.
++ *			   (= CLIENT_DIRECTORY/help if undefined)
++ *
++ *	CACHE_DIRECTORY	 - if NNTP is used, nn uses this central directory
++ *			   to store working copies of articles on the local
++ *			   system.  If not defined, it stores the articles
++ *			   in each user's ~/.nn directory.
++ *
++ *	TMP_DIRECTORY	 - temporary file storage.  Overriden by $TMPDIR.
++ *			   (= /var/tmp if undefined).
++ *
++ *	LOG_FILE	 - the location of nn's log file.
++ *			   (= $HOME/.nn/Log if undefined).
++ */
++
++#define BIN_DIRECTORY	"/usr/bin"
++#define LIB_DIRECTORY	"/usr/lib/nn"
++
++
++
++
++/*************************** MAIL INTERFACE *************************
++ *
++ *	Specify a mailer that accepts a letter WITH a header IN THE TEXT.
++ *
++ *	A program named 'recmail' program is normally delivered with
++ *	the Bnews system, or you can use sendmail -t if you have it.
++ *
++ *	The contrib/ directory contains two programs which you might
++ *	be able to use with a little tweaking.
++ */
++
++/* #define REC_MAIL	"/usr/lib/news/recmail"	*/	/* non-sendmail */
++#define REC_MAIL	"/usr/lib/sendmail -t"		/* sendmail */
++
++
++/*
++ *	nn needs to know the name of your host.
++ *	To obtain the host name it will use either of the 'uname' or
++ *	'gethostname' system calls as specified in the s-file included
++ *	above.
++ *
++ *	If neither 'uname' nor 'gethostname' is available, you must
++ *	define HOSTNAME to be the name of your host.  Otherwise, leave
++ *	it undefined (it will not be used anyway).
++ */
++
++/* #define HOSTNAME	"myhost"	*/
++
++/*
++ *	Define APPEND_SIGNATURE if you want nn to ask users to append
++ *	~/.signature to mail messages (reply/forward/mail).
++ *
++ *	If the mailer defined in REC_MAIL automatically includes .signature
++ *	you should not define this (it will fool people to include it twice).
++ *
++ *	I think 'recmail' includes .signature, but 'sendmail -t' doesn't.
++ */
++
++#define APPEND_SIGNATURE
++
++/*
++ *	BUG_REPORT_ADDRESS is the initial value of the bug-report-address
++ *	variable which is used by the :bug command to report bugs in
++ *	the nn software.
++ */
++
++#define BUG_REPORT_ADDRESS	"mtpins@nndev.org"
++
++
++/*************************** DOCUMENTATION ***************************
++ *
++ *	Specify directories for the user and system manuals
++ *
++ *	Adapt this to your local standards; the manuals will be named
++ *		$(MAN_DIR)/program.$(MAN_SECTION)
++ *
++ *	USER_MAN	- nn, nntidy, nngrep, etc.
++ *	SYS_MAN		- nnadmin
++ *	DAEMON_MAN	- nnmaster
++ */
++
++#define USER_MAN_DIR	"/usr/share/man/man1"
++#define USER_MAN_SECTION	"1"
++
++#define SYS_MAN_DIR	"/usr/share/man/man1"
++#define SYS_MAN_SECTION		"1m"
++
++#define DAEMON_MAN_DIR	"/usr/share/man/man8"
++#define DAEMON_MAN_SECTION	"8"
++
++
++/************************** LOCAL POLICY *****************************
++ *
++ *	Define STATISTICS if you want to keep a record of how much
++ *	time the users spend on news reading.
++ *
++ *	Sessions shorter than the specified number of minutes are not
++ *	recorded (don't clutter up the log file).
++ *
++ *	Usage statistics is entered into the $LOG_FILE with code U
++ */
++
++/* #define STATISTICS	5	*/	/* minutes */
++
++/*
++ *	Define ACCOUNTING if you want to keep accumulated accounting
++ *	based on the statistics in a separate 'acct' file.  In this
++ *	case, the accounting figures will be secret, and not be
++ *	written to the Log file.  And the users will not be able to
++ *	"decrease" their own account.
++ *
++ *	See account.h for optional cost calculation parameters.
++ */
++
++/* #define ACCOUNTING	*/
++
++/*
++ *	Define AUTHORIZE if you want to restrict the use of nn to
++ *	certain users or certain periods of the day.  Define both
++ *	this and ACCOUNTING if you want to impose a usage quota.
++ *
++ *	See account.h for implementing various access policies.
++ */
++
++/* #define AUTHORIZE	*/
++
++/*
++ *	Default folder directory
++ */
++
++#define FOLDER_DIRECTORY	"~/News"
++
++/*
++ *	Default length of authors name (in "edited" format).
++ *	Also size of "Name" field on the article menus.
++ *	The actual value used will be the larger of this and 1/5 the width
++ *	of the window.
++ */
++
++#define NAME_LENGTH	16
++
++/*
++ *	SIGN_TYPE is the program to be used to create digital signatures.
++ */
++
++#define SIGN_TYPE		"gpg"
++/* #define SIGN_TYPE		"pgp"		*/
++
++/*
++ *	If no "Lines:" header field is present, NN can be made to
++ *	count them itself.
++ */
++
++#define DONT_COUNT_LINES
++
++/*
++ *	PUT_TIMESTAMP_IN_SCRIPTS
++ *	Defining this causes the "inst" script to add identifying information
++ *	to the beginning of the shell scripts.
++ */
++
++#undef PUT_TIMESTAMP_IN_SCRIPTS
++
++/*
++ *	CONFIG_NUM_IN_VERSION
++ *	Defining this will make NN announce itself including the build number
++ *	like "NN version 6.7.x #12", rather than "NN version 6.7.x".
++ */
++
++/* #define CONFIG_NUM_IN_VERSION	*/
++
++/*
++ *	ART_GREP
++ *	Define this if you want to enable the "experimental" subject
++ *	body search code.  On the "G" menu, there will be two extra
++ *	choices: "b" body search unread, and "B" body search all.
++ *	Choose your pattern, and you will be presented with a merged group
++ *	containing the articles you chose.  There may still be bugs!
++ *	WARNING:
++ *	THIS WOULD BE *BAD* FOR NNTP SITES!  You don't want all your
++ *	users downloading the entire news database...
++ */
++
++/* #define ART_GREP	*/
++
++/*
++ *	CACHE_PURPOSE
++ *	Defining this makes NN cache the newsgroup/purpose list, sorted
++ *	in memory and use binary search to locate a group's purpose.
++ *	This can be a winner on systems with *everything* in their
++ *	newsgroups list.  Note that this will cause nn to always download
++ *	the newsgroup/purpose list.  This will increase startup time for nn
++ *	but is still a win for people who have show-purpose-mode=2.
++ *	Currently CACHE_PURPOSE and nnmaster don't work together,
++ *	so please leave this undefined unless you are using NOV.
++ */
++
++/* #define CACHE_PURPOSE	*/
++
++/*
++ * If you aren't running nnmaster you can stop here.
++ */
++
++/************************ NNMASTER CONFIGURATION *************************/
++
++/*********************** NETWORK DEPENDENT DEFINITIONS **********************
++ *
++ *	Define NETWORK_DATABASE if you share the database through NFS on
++ *	a network with different, non-compatible machines, e.g. SUNs and
++ *	VAXen, or SUN-3 and SUN-4, or if you are using different compilers
++ *	on the same architecture.
++ *
++ *	In a homogenous network, you can leave it undefined for higher
++ *	performance (no data conversion is needed).
++ */
++
++/* #define NETWORK_DATABASE	*/
++
++
++/**************************** DATABASE LOCATION **************************
++ *
++ *	Specify where the nn database should be installed.
++ *
++ *	If none of the following symbols are defined, the database will
++ *	be contained in the NEWS_DIRECTORY in a separate .nn directory for
++ *	master files and in files named .nnx and .nnd in each group's
++ *	spool directory.  To use this scheme, the OWNER specified above
++ *	must have write permission on the news spool directories.
++ *
++ *	If you access news via NNTP, you will probably always have to
++ *	give the database directory explicitly through DB_DIRECTORY
++ *	(and DB_DATA_DIRECTORY), since the normal news spool directories
++ *	are probably not available on the local system.
++ *	The exception may be if nnmaster runs directly on the nntp server.
++ *
++ *	To change the default behavior, you can define the following
++ *	symbols:
++ *
++ *	DB_DIRECTORY	   - the directory containing the master files.
++ *
++ *	DB_DATA_DIRECTORY  - the directory containing the per-group files
++ *			     (default is DB_DIRECTORY/DATA if undefined).
++ *
++ *	DB_LONG_NAMES	   - use group's name rather than number when
++ *			     building file names in DB_DATA_DIRECTORY.
++ *	     (The file system must support long file names!!)
++ */
++
++/* #define DB_DIRECTORY	"/usr/spool/nn"	*/
++
++
++/*************************** NEWS TRANSPORT **************************
++ *
++ *	Specify the location of your news programs and files
++ *	You only need to specify these if you are not
++ *	satisfied with the default settings.
++ *
++ *	NEWS_DIRECTORY		- The news spool directory.
++ *				  Default: /usr/spool/news
++ *
++ *	NEWS_LIB_DIRECTORY	- The news lib directory.
++ *				  Default: /usr/lib/news
++ *
++ *	RMGROUP_PATH		- The location of the rmgroup program.
++ *				  Default: NEWS_LIB_DIR/{rm,del}group
++ */
++
++/* #define NEWS_DIRECTORY	"/usr/spool/news"	*/
++/* #define NEWS_LIB_DIRECTORY	"/usr/lib/news"		*/
++
++/************************ CONFIGURATION COMPLETED ************************/
++
+--- nn-6.7.3.orig/debian/control
++++ nn-6.7.3/debian/control
+@@ -0,0 +1,29 @@
++Source: nn
++Section: news
++Priority: optional
++Maintainer: Cord Beermann <cord@debian.org>
++Build-Depends: debhelper (>= 9), gawk, libncurses-dev
++Standards-Version: 3.9.6
++Homepage: http://www.nndev.org
++
++Package: nn
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Recommends: sendmail | mail-transport-agent
++Suggests: ispell, gnupg
++Provides: news-reader
++Description: Heavy-duty USENET news reader (curses-based client)
++ The motto of nn is its expanded name, which is "No News is good
++ news, but nn is better", and the nn newsreader is designed to let you
++ minimize the amount of time you spend reading news (or, more
++ realistically, to allow you to follow even more newsgroups :-).
++ .
++ Nn allows you to quickly select articles of interest and skip the
++ rest.  It also supports efficient article killing and selection of
++ articles by author and subject.
++ .
++ This version of nn reads news from a news server via NNTP (the
++ Network News Transfer Protocol), and can make use of your NNTP
++ server's NOV database, if configured.  You must have a news server
++ available - large sites usually provide a site-wide server.  (For
++ those familiar with 'nn', this is a client-only version.)
+--- nn-6.7.3.orig/debian/copyright
++++ nn-6.7.3/debian/copyright
+@@ -0,0 +1,60 @@
++This package was debianized by Cord Beermann <cord@debian.org> on
++Sat, 22 Sep 2001 21:11:46 +0200.
++
++This package was originally put together by Mike Coleman
++<coleman@cstp.umkc.edu>, then taken over by Martin Schulze <joey@debian.org>
++and is now maintained by Cord Beermann <cord@debian.org>.
++
++It was downloaded from http://www.nndev.org
++
++Author(s): Kim F. Storm, Peter Wemm, and Michael T Pins.
++
++Actual Keeper of the sources is Michael T. Pins <mtpins@nndev.org>
++
++Copyright:
++
++Copyright (c) 1989, 1990 by Kim Fabricius Storm.  All rights reserved.
++
++Not derived from licensed software except as stated below.
++
++Permission is granted to anyone to use, modify, and reuse this
++software for any purpose on any computer system, and to redistribute
++it freely, subject to the following restrictions:
++
++1. The author is not responsible for the consequences of use of this
++   software, no matter how awful, even if they arise from defects in it.
++
++2. The origin of this software must not be misrepresented, either by
++   explicit claim or by omission.
++
++3. Altered versions must be plainly marked as such, and must not be
++   misrepresented as being the original software.
++
++The following code modules have been incorporated into nn, and the
++above copyright notice does not apply to these modules; they include
++their own copyright notices (or have none):
++
++regexp.c:       Copyright (c) 1986 by University of Toronto.
++                Written by Henry Spencer.
++
++unshar.c:       No copyright notice.
++                Written by K. Greer, S. Shafer, and M. Mauldin
++
++decode.c:       Derived from a modified Berkeley original posted on
++                USENET.
++
++fullname.c:     Copyright (c) 1986 by Rick Adams.
++                Derived from the Bnews distribution.
++
++contrib/*:      Various copyright notices.
++                The software available in the contrib/ directory was sent
++                to me for inclusion in the nn distribution, because
++                the authors think it might be useful to other nn users.
++                I have included it *as is*.
++
++
++I've added a patch by Kristian Köhntopp <kris@schulung.netuse.de> and Stefan
++Röhrich <sr@stefan.lake.de>, see PATCH.RFC1522. It adds support for different
++ISO-Charsets as iso-8859-1.
++
++
+--- nn-6.7.3.orig/debian/dirs
++++ nn-6.7.3/debian/dirs
+@@ -0,0 +1,5 @@
++etc/news
++usr/bin
++usr/lib/nn
++usr/share/man/man1
++usr/share/man/man8
+--- nn-6.7.3.orig/debian/docs
++++ nn-6.7.3/debian/docs
+@@ -0,0 +1,3 @@
++README
++INSTALLATION
++
+--- nn-6.7.3.orig/debian/menu
++++ nn-6.7.3/debian/menu
+@@ -0,0 +1,4 @@
++?package(nn):\
++	needs="text" section="Applications/Network/Communication"\
++	title="nn" longtitle="No news is good news, but nn is better"\
++	command="/usr/bin/nn"
+--- nn-6.7.3.orig/debian/nn.config
++++ nn-6.7.3/debian/nn.config
+@@ -0,0 +1,20 @@
++#!/bin/sh
++
++set -e
++
++# We need debconf.
++. /usr/share/debconf/confmodule
++
++go=0
++
++if [ ! -f /etc/news/server ]
++ then
++#        if [ ! -d /etc/news ]
++#	then
++#		install -d -m 755 -o news -g news /etc/news
++#	fi
++	db_input high nn/ask-newsserver || true
++	db_go
++fi
++
++exit 0
+--- nn-6.7.3.orig/debian/nn.templates
++++ nn-6.7.3/debian/nn.templates
+@@ -0,0 +1,5 @@
++Template: nn/ask-newsserver
++Type: string
++Default: news
++_Description: NNTP server to use:
++ Enter the fully qualified host name of the news server to use for reading.
+--- nn-6.7.3.orig/debian/nnbatch.1
++++ nn-6.7.3/debian/nnbatch.1
+@@ -0,0 +1,44 @@
++.\"                                      Hey, EMACS: -*- nroff -*-
++.\" First parameter, NAME, should be all caps
++.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
++.\" other parameters are allowed: see man(7), man(1)
++.TH NN 1 "20011021"
++.\" Please adjust this date whenever revising the manpage.
++.\"
++.\" Some roff macros, for reference:
++.\" .nh        disable hyphenation
++.\" .hy        enable hyphenation
++.\" .ad l      left justify
++.\" .ad b      justify to both left and right margins
++.\" .nf        disable filling
++.\" .fi        enable filling
++.\" .br        insert line break
++.\" .sp <n>    insert n+1 empty lines
++.\" for manpage-specific macros, see man(7)
++.SH NAME
++nnbatch \- nn in batch mode.
++.SH SYNOPSIS
++.B nnbatch
++.RI [ options ] " files" ...
++.SH DESCRIPTION
++This manual page documents briefly the
++.B nnbatch
++command.
++This manual page was written for the Debian GNU/Linux distribution
++because the original program does not have a manual page.
++.PP
++\fBnnbatch\fP is a program that starts 
++\fBnn\fP in batch mode. 
++
++.SH OPTIONS
++This program takes the same options as 
++\fBnn\fP. 
++For a description, see the 
++\fBnn\fP manpage.
++
++.SH SEE ALSO
++.BR nn (1)
++
++.SH AUTHOR
++This manual page was written by Cord Beermann <cord@debian.org>,
++for the Debian GNU/Linux system (but may be used by others).
+--- nn-6.7.3.orig/debian/po/POTFILES.in
++++ nn-6.7.3/debian/po/POTFILES.in
+@@ -0,0 +1 @@
++[type: gettext/rfc822deb] nn.templates
+--- nn-6.7.3.orig/debian/po/cs.po
++++ nn-6.7.3/debian/po/cs.po
+@@ -0,0 +1,28 @@
++# Czech translation of nn templates
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn 6.6.5-2\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: 2005-05-14 11:33+0200\n"
++"Last-Translator: Martin Sin <martin.sin@seznam.cz>\n"
++"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "Použít NNTP server:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Zadejte plně kvalifikovaný název hostitelského po�íta�e, který se má použít "
++"pro získávání news příspěvků."
+--- nn-6.7.3.orig/debian/po/da.po
++++ nn-6.7.3/debian/po/da.po
+@@ -0,0 +1,43 @@
++#
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++#    Developers do not need to manually edit POT or PO files.
++# Claus Hindsgaul <claus_h@image.dk>, 2005.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn debconf\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: 2005-08-16 11:34+0200\n"
++"Last-Translator: Claus Hindsgaul <claus_h@image.dk>\n"
++"Language-Team: Danish <dansk@klid.dk>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: KBabel 1.9.1\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "NNTP-server, der skal benyttes:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "Enter the fully qualified host name of the news server to use for reading."
++msgstr "Angiv det fulde værtsnavn på den nyhedsserver, der skal læses fra."
++
++#~ msgid "What news server (NNTP server) should I use for reading?"
++#~ msgstr "Hvilken nyhedsserver (NNTP) skal jeg bruge til at læse fra?"
++
++#~ msgid "Enter its full name:"
++#~ msgstr "Indtast dens fulde navn:"
++
+--- nn-6.7.3.orig/debian/po/de.po
++++ nn-6.7.3/debian/po/de.po
+@@ -0,0 +1,40 @@
++#
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++#    Developers do not need to manually edit POT or PO files.
++# Erik Schanze <mail@erikschanze.de>, 2005.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn_6.6.5-2_de\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: 2005-06-03 21:59+0200\n"
++"Last-Translator: Erik Schanze <mail@erikschanze.de>\n"
++"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: KBabel 1.9.1\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "verwendeter NNTP-Server:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Geben Sie den vollständigen Rechnernamen des News-Servers ein, den Sie zum "
++"Lesen verwenden."
++
+--- nn-6.7.3.orig/debian/po/es.po
++++ nn-6.7.3/debian/po/es.po
+@@ -0,0 +1,51 @@
++# nn po-debconf translation to Spanish
++# Copyright (C) 2009 Software in the Public Interest
++# This file is distributed under the same license as the nn package.
++#
++# Changes:
++#   - Initial translation
++#       Ricardo Fraile <rikr@esdebian.org>, 2009
++#
++# Traductores, si no conocen el formato PO, merece la pena leer la
++# documentación de gettext, especialmente las secciones dedicadas a este
++# formato, por ejemplo ejecutando:
++#       info -n '(gettext)PO Files'
++#       info -n '(gettext)Header Entry'
++#
++# Equipo de traducción al español, por favor lean antes de traducir
++# los siguientes documentos:
++#
++#   - El proyecto de traducción de Debian al español
++#     http://www.debian.org/intl/spanish/
++#     especialmente las notas y normas de traducción en
++#     http://www.debian.org/intl/spanish/notas
++#
++#   - La guía de traducción de po's de debconf:
++#     /usr/share/doc/po-debconf/README-trans
++#     o http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn 6.7.3-2.1\n"
++"Report-Msgid-Bugs-To: nn@packages.debian.org\n"
++"POT-Creation-Date: 2008-05-27 18:36+0200\n"
++"PO-Revision-Date: 2009-10-16 10:52+0200\n"
++"Last-Translator: Ricardo Fraile <rikr@esdebian.org>\n"
++"Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "Servidor NNTP a utilizar:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr "Escriba el nombre completo del servidor de noticias a utilizar para la lectura."
++
+--- nn-6.7.3.orig/debian/po/eu.po
++++ nn-6.7.3/debian/po/eu.po
+@@ -0,0 +1,37 @@
++# translation of nn-eu.po to librezale
++# Piarres Beobide <pi@beobide.net>, 2006.
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#    Developers do not need to manually edit POT or PO files.
++msgid ""
++msgstr ""
++"Project-Id-Version: nn-eu\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2006-11-17 07:53+0100\n"
++"PO-Revision-Date: 2006-11-17 21:53+0100\n"
++"Last-Translator: Piarres Beobide <pi@beobide.net>\n"
++"Language-Team: librezale <librezale@librezale.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=2; plural=(n != 1)\n"
++"X-Generator: KBabel 1.11.4\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "Erabiliko den NNTP zerbitzaria:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "Enter the fully qualified host name of the news server to use for reading."
++msgstr "Idatzi irakurketarako erabiliko den berri-talde zerbitzariaren guztiz baliozko ostalari izena (fqhn)."
++
+--- nn-6.7.3.orig/debian/po/fr.po
++++ nn-6.7.3/debian/po/fr.po
+@@ -0,0 +1,38 @@
++#
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++#    Developers do not need to manually edit POT or PO files.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: 2005-03-06 10:28+0200\n"
++"Last-Translator: Eric Madesclair <eric-m@wanadoo.fr>\n"
++"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=ISO-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "Nom d'hôte du serveur NNTP :"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Veuillez indiquer le nom complet du serveur utilisé pour lire les nouvelles."
+--- nn-6.7.3.orig/debian/po/it.po
++++ nn-6.7.3/debian/po/it.po
+@@ -0,0 +1,31 @@
++# nn po-debconf translation to italian
++# Copyright (C) 2004 Software in the Public Interest
++# This file is distributed under the same license as the nn package.
++# Luca Monducci <luca.mo@tiscali.it>, 2008.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn 6.7.3 debconf\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2008-03-17 04:43+0100\n"
++"PO-Revision-Date: 2008-11-08 13:00+0100\n"
++"Last-Translator: Luca Monducci <luca.mo@tiscali.it>\n"
++"Language-Team: Italian <debian-l10n-italian@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "Server NNTP da usare:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Inserire il nome host completamente qualificato del server news da usare per "
++"la lettura."
+--- nn-6.7.3.orig/debian/po/ja.po
++++ nn-6.7.3/debian/po/ja.po
+@@ -0,0 +1,38 @@
++#
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++#    Developers do not need to manually edit POT or PO files.
++#
++#, fuzzy
++msgid ""
++msgstr ""
++"Project-Id-Version: nn 6.6.5-2\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
++"Last-Translator: NOSHIRO Shigeo <noshiro@debian.org>\n"
++"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=EUC-JP\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "$B;HMQ$9$k(BNNTP server"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr "$B%K%e!<%9$rFI$`$?$a$K;HMQ$9$k%K%e!<%9%5!<%P$N(BFQDN$B$rF~$l$F2<$5$$(B"
+--- nn-6.7.3.orig/debian/po/ka.po
++++ nn-6.7.3/debian/po/ka.po
+@@ -0,0 +1,29 @@
++msgid ""
++msgstr ""
++"Project-Id-Version: nn_6.6.5-2_ka\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2006-11-17 07:53+0100\n"
++"PO-Revision-Date: 2006-11-17 21:05+0400\n"
++"Last-Translator: Aiet Kolkhi <aietkolkhi@gmail.com>\n"
++"Language-Team: Georgian <ka@aiet.qartuli.net>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=utf-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=1;plural=0;\n"
++"X-Poedit-Language: Georgian\n"
++"X-Poedit-Country: GEORGIA\n"
++"X-Poedit-SourceCharset: utf-8\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "გ�მ�ს�ყენებელი NNTP სერვერი:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"შეიყვ�ნეთ news-სერვერის სრული ს�ხელი, რ�მლის გ�მ�ყენებ�ც წ�ს�კითხ�დ გსურთ."
+--- nn-6.7.3.orig/debian/po/nl.po
++++ nn-6.7.3/debian/po/nl.po
+@@ -0,0 +1,30 @@
++# SOME DESCRIPTIVE TITLE.
++# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
++# This file is distributed under the same license as the PACKAGE package.
++# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2007-01-13 19:55+0100\n"
++"PO-Revision-Date: 2007-04-06 13:16+0100\n"
++"Last-Translator: Bart Cornelis <cobaco@skolelinux.no>\n"
++"Language-Team: debian-l10n-dutch <debian-l10n-dutch@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=utf-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Poedit-Language: Dutch\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "Te gebruiken NNTP-server:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "Enter the fully qualified host name of the news server to use for reading."
++msgstr "Wat is de volledig gekwalificeerde domeinnaam (FQDN) van de nieuwsserver die u gebruikt om nieuws te lezen?"
++
+--- nn-6.7.3.orig/debian/po/pt.po
++++ nn-6.7.3/debian/po/pt.po
+@@ -0,0 +1,27 @@
++# Portuguese translation for nn's debconf messages
++# Luísa Lourenço <kikentai@gmail.com>, 2006
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: 2006-06-03 15:18+0000\n"
++"Last-Translator: Luísa Lourenço <kikentai@gmail.com>\n"
++"Language-Team: Portuguese <traduz@debianpt.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "Servidor de NNTP a usar:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr "Insira o nome do host do servidor de news a usar para ler."
+--- nn-6.7.3.orig/debian/po/pt_BR.po
++++ nn-6.7.3/debian/po/pt_BR.po
+@@ -0,0 +1,32 @@
++# nn Brazilian Portuguese translation
++# Copyright (c) 2007 nn's PACKAGE COPYRIGHT HOLDER
++# This file is distributed under the same license as the nn package.
++# Eder L. Marques <frolic@debian-ce.org>, 2007.
++#
++msgid ""
++msgstr "pt_BR utf-8\n"
++"Project-Id-Version: nn_6.7.3-2\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2007-01-13 19:55+0100\n"
++"PO-Revision-Date: 2007-10-05 01:47-0300\n"
++"Last-Translator: Eder L. Marques <frolic@debian-ce.org>\n"
++"Language-Team: l10n Portuguese <debian-l10n-portuguese@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: KBabel 1.11.4\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "Servidor NNTP a ser usado:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Informe o nome de máquina completamente qualificado do servidor de notícias "
++"a ser usado para leitura."
++
+--- nn-6.7.3.orig/debian/po/ru.po
++++ nn-6.7.3/debian/po/ru.po
+@@ -0,0 +1,39 @@
++# translation of nn_6.7.2-1_ru.po to Russian
++#
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans#
++#    Developers do not need to manually edit POT or PO files.
++# Yuri Kozlov <kozlov.y@gmail.com>, 2006.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: nn_6.7.2-1\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2006-11-17 07:53+0100\n"
++"PO-Revision-Date: 2006-04-09 14:21+0300\n"
++"Last-Translator: Yuri Kozlov <kozlov.y@gmail.com>\n"
++"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"X-Generator: KBabel 1.9.1\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr "Сервер NNTP:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Укажите полное им� �ервера, который будет и�пользовать�� дл� чтени� ново�тей."
+--- nn-6.7.3.orig/debian/po/sv.po
++++ nn-6.7.3/debian/po/sv.po
+@@ -0,0 +1,38 @@
++# Translators, if you are not familiar with the PO format, gettext
++# documentation is worth reading, especially sections dedicated to
++# this format, e.g. by running:
++# info -n '(gettext)PO Files'
++# info -n '(gettext)Header Entry'
++# Some information specific to po-debconf are available at
++# /usr/share/doc/po-debconf/README-trans
++# or http://www.debian.org/intl/l10n/po-debconf/README-trans
++# Developers do not need to manually edit POT or PO files.
++# , fuzzy
++# 
++# 
++msgid ""
++msgstr ""
++"Project-Id-Version: nn 6.6.5-2\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2006-11-17 07:53+0100\n"
++"PO-Revision-Date: 2005-10-04 04:36+0200\n"
++"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
++"Language-Team: Swedish <sv@li.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=iso-8859-1\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "NNTP-server att använda:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Ange det fullt kvalificerade värdnamnet till news-servern som används för "
++"läsning."
+--- nn-6.7.3.orig/debian/po/templates.pot
++++ nn-6.7.3/debian/po/templates.pot
+@@ -0,0 +1,38 @@
++#
++#    Translators, if you are not familiar with the PO format, gettext
++#    documentation is worth reading, especially sections dedicated to
++#    this format, e.g. by running:
++#         info -n '(gettext)PO Files'
++#         info -n '(gettext)Header Entry'
++#
++#    Some information specific to po-debconf are available at
++#            /usr/share/doc/po-debconf/README-trans
++#         or http://www.debian.org/intl/l10n/po-debconf/README-trans
++#
++#    Developers do not need to manually edit POT or PO files.
++#
++#, fuzzy
++msgid ""
++msgstr ""
++"Project-Id-Version: PACKAGE VERSION\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2004-03-10 23:38-0800\n"
++"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
++"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
++"Language-Team: LANGUAGE <LL@li.org>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=CHARSET\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid "NNTP server to use:"
++msgstr ""
++
++#. Type: string
++#. Description
++#: ../nn.templates:4
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
+--- nn-6.7.3.orig/debian/po/vi.po
++++ nn-6.7.3/debian/po/vi.po
+@@ -0,0 +1,31 @@
++# Vietnamese translation for nn.
++# Copyright © 2006 Free Software Foundation, Inc.
++# Clytie Siddall <clytie@riverland.net.au>, 2005-2006.
++# 
++msgid ""
++msgstr ""
++"Project-Id-Version: nn 6.6.5-2\n"
++"Report-Msgid-Bugs-To: \n"
++"POT-Creation-Date: 2006-11-17 07:53+0100\n"
++"PO-Revision-Date: 2006-11-19 15:31+1030\n"
++"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
++"Language-Team: Vietnamese <vi-VN@googlegroups.com>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=utf-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++"Plural-Forms: nplurals=1; plural=0;\n"
++"X-Generator: LocFactoryEditor 1.6fc1\n"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid "NNTP server to use:"
++msgstr "Máy phục vụ NNTP cần dùng:"
++
++#. Type: string
++#. Description
++#: ../nn.templates:1001
++msgid ""
++"Enter the fully qualified host name of the news server to use for reading."
++msgstr ""
++"Hãy nhập tên máy khả năng đầy đủ của máy phục vụ tin tức cần sử dụng để đ�c."
+--- nn-6.7.3.orig/debian/postinst
++++ nn-6.7.3/debian/postinst
+@@ -0,0 +1,52 @@
++#! /bin/sh
++# postinst script for nn
++#
++# see: dh_installdeb(1)
++
++set -e
++
++. /usr/share/debconf/confmodule
++
++# summary of how this script can be called:
++#        * <postinst> `configure' <most-recently-configured-version>
++#        * <old-postinst> `abort-upgrade' <new version>
++#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
++#          <new-version>
++#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
++#          <failed-install-package> <version> `removing'
++#          <conflicting-package> <version>
++# for details, see /usr/share/doc/packaging-manual/
++#
++# quoting from the policy:
++#     Any necessary prompting should almost always be confined to the
++#     post-installation script, and should be protected with a conditional
++#     so that unnecessary prompting doesn't happen if a package's
++#     installation fails and the `postinst' is called with `abort-upgrade',
++#     `abort-remove' or `abort-deconfigure'.
++
++case "$1" in
++    configure)
++	# setting /etc/news/server
++	db_get nn/ask-newsserver || true
++	echo $RET > /etc/news/server
++	db_stop
++    ;;
++
++    abort-upgrade|abort-remove|abort-deconfigure)
++
++    ;;
++
++    *)
++        echo "postinst called with unknown argument \`$1'" >&2
++        exit 0
++    ;;
++esac
++
++# dh_installdeb will replace this with shell code automatically
++# generated by other debhelper scripts.
++
++#DEBHELPER#
++
++exit 0
++
++
+--- nn-6.7.3.orig/debian/rules
++++ nn-6.7.3/debian/rules
+@@ -0,0 +1,87 @@
++#!/usr/bin/make -f
++# Sample debian/rules that uses debhelper.
++# GNU copyright 1997 to 1999 by Joey Hess.
++
++# Uncomment this to turn on verbose mode.
++#export DH_VERBOSE=1
++
++# This is the debhelper compatibility version to use.
++#export DH_COMPAT=4
++
++# Hardening
++export DPKG_EXPORT_BUILDFLAGS = 1
++include /usr/share/dpkg/buildflags.mk
++
++configure: configure-stamp
++configure-stamp:
++	dh_testdir
++	# Add here commands to configure the package.
++	cp -f debian/config.h .
++
++	touch configure-stamp
++
++build-arch: build-stamp
++build-indep: build-stamp
++build: build-stamp
++build-stamp: configure-stamp
++	dh_testdir
++
++	# Add here commands to compile the package.
++	$(MAKE)
++	#/usr/bin/docbook-to-man debian/nn.sgml > nn.1
++
++	touch build-stamp
++
++clean:
++	dh_testdir
++	dh_testroot
++	# Add here commands to clean up after the build process.
++	[ ! -f config.h ] || $(MAKE) clean
++	rm -f build-stamp configure-stamp config.h update.h
++	dh_clean
++
++install: build
++	dh_testdir
++	dh_testroot
++	dh_prep
++	dh_installdirs
++
++	# Add here commands to install the package into debian/nn.
++	DESTDIR=$(CURDIR)/debian/nn ./inst n
++
++# Build architecture-independent files here.
++binary-indep: build install
++# We have nothing to do by default.
++
++# Build architecture-dependent files here.
++binary-arch: build install
++	dh_testdir
++	dh_testroot
++	dh_installdebconf	
++	dh_installdocs
++	dh_installexamples
++	dh_installmenu
++#	dh_installlogrotate
++#	dh_installemacsen
++#	dh_installpam
++#	dh_installmime
++#	dh_installinit
++	dh_installcron
++	dh_installman debian/nnbatch.1
++	dh_installinfo
++#	dh_undocumented
++	dh_installchangelogs ChangeLog
++	dh_link
++	dh_strip
++	dh_compress
++	dh_fixperms
++#	dh_makeshlibs
++	dh_installdeb
++#	dh_perl
++	dh_shlibdeps
++	dh_gencontrol
++	dh_md5sums
++	dh_builddeb
++
++binary: binary-indep binary-arch
++.PHONY: build clean binary-indep binary-arch binary install configure
+--- nn-6.7.3.orig/debian/source/format
++++ nn-6.7.3/debian/source/format
+@@ -0,0 +1 @@
++1.0
+--- nn-6.7.3.orig/debian/watch
++++ nn-6.7.3/debian/watch
+@@ -0,0 +1,4 @@
++# Site		Directory		Pattern			Version	Script
++#ftp.nndev.org	/pub/nn-6.6	nn-(.*)\.tar\.Z		debian	uupdate
++version=3
++ftp://ftp.nndev.org/pub/nn-6.7/nn-(.*)\.tar\.Z debian uupdate
+--- nn-6.7.3.orig/format.awk
++++ nn-6.7.3/format.awk
+@@ -16,7 +16,7 @@
+ 
+ 	printf("From: %s\nSubject:", progname);
+ 	if ($2 == "NAME") {
+-		getline
++		local_getline
+ 		for (i = 2; i <= NF; i++) printf(" %s", $i);
+ 		printf("\n\n")
+ 		print
+@@ -73,7 +73,7 @@
+ 
+ 	printf("\n")
+ 
+-	getline; linebuf = $0
++	local_getline; linebuf = $0
+ 	indent = "     "
+ 	curcol = indcol = 5
+ 	if (length(linebuf) >= 5) {
+--- nn-6.7.3.orig/global.c
++++ nn-6.7.3/global.c
+@@ -312,12 +312,6 @@
+     help_directory = mk_file_name(lib_directory, "help");
+ #endif
+ 
+-#ifdef LOG_FILE
+-    log_file = LOG_FILE;
+-#else
+-    log_file = mk_file_name(LIB_DIRECTORY, "Log");
+-#endif
+-
+     if (who_am_i == I_AM_MASTER || who_am_i == I_AM_SPEW)
+ 	return 0;
+ 
+@@ -339,6 +333,12 @@
+ 
+     organization = getenv("ORGANIZATION");
+ 
++#ifdef LOG_FILE
++    log_file = LOG_FILE;
++#else
++    log_file = mk_file_name(nn_directory, "Log");
++#endif
++
+     return 0;
+ }
+ 
+@@ -1186,6 +1186,22 @@
+ #endif
+ }
+ 
++#ifdef NEED_STRDUP
++char *strdup(const char *s)
++{
++    char *t   = NULL;
++    int   len = 0;
++
++    if (!s)
++	return NULL;
++
++    len = strlen(s)+1;
++    t   = newstr(len);
++    strncpy(t, s, len);
++    return t;
++}
++#endif
++
+ /* Should really have some sort of configure file and use strdup().. */
+ char           *
+ strsave(char *s)
+@@ -1307,12 +1323,12 @@
+ }
+ 
+ /*
+- *	getline - gets a line from stdin
++ *	local_getline - gets a line from stdin
+  *			returns the length of the line
+  */
+ 
+ int
+-getline(char *line, int max)
++local_getline(char *line, int max)
+ {
+     if (fgets(line, max, stdin) == NULL)
+ 	return 0;
+--- nn-6.7.3.orig/global.h
++++ nn-6.7.3/global.h
+@@ -42,6 +42,19 @@
+ 
+ /* misc macros */
+ 
++#ifdef __GNUC__
++#define INLINE inline
++#else
++#define INLINE
++#endif
++
++
++#define HEXDIGIT(c) ( \
++    ((c) >= '0' && (c) <= '9') ? ((c)-'0') : \
++    (((c) >= 'A' && (c) <= 'F') ? ((c) - 'A' + 10) : \
++     (((c) >= 'a' && (c) <= 'f') ? ((c) - 'a' + 10) : 0)) \
++    )
++
+ #define fl fflush(stdout)
+ 
+ #ifdef CONTROL_
+@@ -258,7 +271,7 @@
+ char           *strsave(char *);
+ char           *str3save(char *, char *, char *);
+ char           *fgetstr(FILE *);
+-int             getline(char *, int);
++int             local_getline(char *, int);
+ extern char    *tmp_directory;
+ extern char    *nntp_cache_dir;
+ #endif				/* _NN_GLOBAL_H */
+--- nn-6.7.3.orig/inst.sh
++++ nn-6.7.3/inst.sh
+@@ -60,11 +60,11 @@
+ 	fi
+ fi
+ 
+-set $RECMAIL
+-if [ ! -f "$1" ]
+-then
+-	echo ERROR: Mailer program $RECMAIL not found.
+-fi
++#set $RECMAIL
++#if [ ! -f "$1" ]
++#then
++#	echo ERROR: Mailer program $RECMAIL not found.
++#fi
+ ) > ErrorCheck
+ 
+ if [ -s ErrorCheck ]
+@@ -246,69 +246,69 @@
+ 
+ bin)
+ 	echo
+-	if [ ! -d "$BIN"/. ]
++	if [ ! -d "$DESTDIR/$BIN"/. ]
+ 	then
+-		echo Directory $BIN does not found!
++		echo Directory $DESTDIR/$BIN does not found!
+ 		exit 1
+ 	fi
+ 
+-	echo Installing user programs in $BIN
++	echo Installing user programs in $DESTDIR/$BIN
+ 
+-	if [ -f $BIN/nn ]
++	if [ -f $DESTDIR/$BIN/nn ]
+ 	then
+ 	     (
+-		cd $BIN
++		cd $DESTDIR/$BIN
+ 		mv nn nn.old
+-		rm -f $BIN_PROG $BIN_LINK
++		rm -f $BIN_PROG $DESTDIR/$BIN_LINK
+ 	     )
+ 	fi
+ 
+ 	for prog in $BIN_PROG
+ 	do
+-		./inst copy 755 $BIN $prog
++		./inst copy 755 $DESTDIR/$BIN $prog
+ 	done
+ 
+ 	for link in $BIN_LINK
+ 	do
+-		ln $BIN/nn $BIN/$link
+-		echo $link linked to nn
++		ln -s nn $DESTDIR/$BIN/$link
++		echo $link symlinked to nn
+ 	done
+ 
+-	if [ -f $BIN/nnacct ] ; then
+-		chmod 4755 $BIN/nnacct
++	if [ -f $DESTDIR/$BIN/nnacct ] ; then
++		chmod 4755 $DESTDIR/$BIN/nnacct
+ 		echo nnacct is setuid ${OWNER}.
+ 	fi
+ 	;;
+ 
+ aux)
+ 	echo
+-	./inst mkdir $LIB 755 || exit 1
++	./inst mkdir $DESTDIR/$LIB 755 || exit 1
+ 
+-	echo Installing auxiliary programs in $LIB
++	echo Installing auxiliary programs in $DESTDIR/$LIB
+ 
+ 	for prog in $LIB_PROG
+ 	do
+-		./inst copy 755 $LIB $prog
++		./inst copy 755 $DESTDIR/$LIB $prog
+ 	done
+ 
+-	./mkprefix conf > ${LIB}/conf
++	./mkprefix conf > $DESTDIR/${LIB}/conf
+ 	grep "^#" config.h |
+-	sed -e '/_MAN_/d' -e 's/[ 	]*\/\*.*$//' >> ${LIB}/conf
+-	./inst chmod 644 ${LIB}/conf
++	sed -e '/_MAN_/d' -e 's/[ 	]*\/\*.*$//' >> $DESTDIR/${LIB}/conf
++	./inst chmod 644 $DESTDIR/${LIB}/conf
+ 	;;
+ 
+ help)
+-	./inst mkdir $HELP 755 || exit 1
++	./inst mkdir $DESTDIR/$HELP 755 || exit 1
+ 
+ 	echo
+-	echo Installing help files in $HELP
++	echo Installing help files in $DESTDIR/$HELP
+ 
+ 	cd help
+ 	for h in *
+ 	do
+ 		cd ..
+-		./cvt-help < help/$h > $HELP/$h
+-		./inst chmod 644 $HELP/$h
++		./cvt-help < help/$h > $DESTDIR/$HELP/$h
++		./inst chmod 644 $DESTDIR/$HELP/$h
+ 		echo $h
+ 		cd help
+ 	done
+@@ -327,32 +327,32 @@
+ 	} |
+ 	while read DIR SECT SRC
+ 	do
+-		if [ -d "$DIR"/. ]
++		if [ -d "$DESTDIR/$DIR"/. ]
+ 		then
+ 			for i in man/*$SRC
+ 			do
+ 				MAN=`basename ${i} $SRC`
+-				NEW=$DIR/${MAN}.$SECT
++				NEW=$DESTDIR/$DIR/${MAN}.$SECT
+ 				sed -e '/^\.TH /s/6.7/'${PL}'/' $i > $NEW
+ 				./inst chmod 644 $NEW
+ 				echo $MAN in $NEW
+ 			done
+ 		else
+-			echo $DIR not found or not writeable
++			echo $DESTDIR/$DIR not found or not writeable
+ 		fi
+ 	done
+ 	;;
+ 
+ online)
+-	./inst mkdir $HELP 755 || exit 1
++	./inst mkdir $DESTDIR/$HELP 755 || exit 1
+ 
+ 	MAN=$HELP/Manual
+ 
+ 	echo
+-	echo "Formatting online manual $MAN"
++	echo "Formatting online manual $DESTDIR/$MAN"
+ 	echo ".... (continues in background) ...."
+ 
+-	rm -f $MAN
++	rm -f $DESTDIR/$MAN
+ 
+ 	(
+ 	sed 	-e 's/\\f[BPI]//g' \
+@@ -362,9 +362,9 @@
+ 		-e '/^\.if/d' -e '/^\.ta/d' -e '/^\.nr/d' \
+ 		-e '/^\.in/d' -e 's/^\.[BI] //' \
+ 		`ls -1 man/*.? man/*.??` |
+-	${AWK} -f format.awk - > $MAN
++	${AWK} -f format.awk - > $DESTDIR/$MAN
+ 
+-	./inst chmod 644 $MAN
++	./inst chmod 644 $DESTDIR/$MAN
+ 	) &
+ 	;;
+ 
+@@ -502,9 +502,9 @@
+ 
+ done
+ 
+-if [ -f $LOG ]
++if [ -f $DESTDIR/$LOG ]
+ then
+-	chmod 666 $LOG
++	chmod 666 $DESTDIR/$LOG
+ fi
+ 
+ if $PAUSE
+--- nn-6.7.3.orig/man/nn.1.nnmaster
++++ nn-6.7.3/man/nn.1.nnmaster
+@@ -2554,7 +2554,7 @@
+ bit width of the character set (7 for "us-ascii" and "unknown", 8 for the
+ "iso-8859-\fIX\fP" sets).
+ .sp 0.5v
+-The value of this variable also determines wether \fInn\fP allows
++The value of this variable also determines whether \fInn\fP allows
+ 8-bit characters in the body of articles being posted and letters
+ being mailed (unless the value is "unknown", in which case this is
+ determined by the value of the \fBdata-bits\fP variable).
+@@ -2708,7 +2708,7 @@
+ section for more details.
+ .sp 0.5v
+ If the \fBcharset\fP has value "unknown", the value of \fBdata-bits\fP
+-also determines wether \fInn\fP allows 8-bit characters in the body of
++also determines whether \fInn\fP allows 8-bit characters in the body of
+ articles being posted and letters being mailed (this is normally
+ determined directly by the \fBcharset\fP variable).
+ .TP
+@@ -5104,7 +5104,7 @@
+ sequence.  The group itself (if it exists) is not included.
+ Examples: "comp.", "comp.unix.".
+ .TP
+-.group.name
++\&.group.name
+ Append the groups whose name ends with the specified name to the
+ sequence.  Example: ".test".
+ .TP
+--- nn-6.7.3.orig/man/nn.1.nov
++++ nn-6.7.3/man/nn.1.nov
+@@ -15,10 +15,10 @@
+ [ \fIoptions\fP ] [ \fInewsgroup\fP  |  +\fIfolder\fP  |  \fIfile\fP ]...
+ .br
+ .B nn
+--g [ -r ]
++\-g [ \-r ]
+ .br
+ .B nn
+--a0 [ \fInewsgroup\fP ]...
++\-a0 [ \fInewsgroup\fP ]...
+ .SH DESCRIPTION
+ Net news is a world-wide information exchange service covering
+ numerous topics in science and every day life.  Topics are organized
+@@ -99,18 +99,18 @@
+ Collect only articles which contain the string
+ .I WORD
+ in their subject (case is ignored).  This is normally combined with
+-the -x and -m options to find all articles on a specific subject.
++the \-x and \-m options to find all articles on a specific subject.
+ .TP
+ \-\fBs/\fP\fIregexp\fP
+ Collect only articles whose subject matches the regular expression
+ .IR regexp .
+-This is normally combined with the -x and -m options to find all
++This is normally combined with the \-x and \-m options to find all
+ articles on a specific subject.
+ .TP
+ \-\fBn\fP\fIWORD\fP or \-\fBn/\fP\fIregexp\fP
+ Same as \-\fBs\fP except that it matches on the sender's name
+ instead of the article's subject.
+-This is normally combined with the -x and -m options to find all
++This is normally combined with the \-x and \-m options to find all
+ articles from a specific author.  It cannot be mixed with the
+ \-\fBs\fP option!
+ .TP
+@@ -120,10 +120,10 @@
+ .TP
+ \-\fBm\fP
+ Merge all articles into one `meta group' instead of showing
+-them one group at a time.  This is normally used together with the -x
+-and -s options to get all the articles on a specific subject presented
++them one group at a time.  This is normally used together with the \-x
++and \-s options to get all the articles on a specific subject presented
+ on a single menu (when you don't care about which group they belong
+-to).  When -m is used, no articles will be marked as read.
++to).  When \-m is used, no articles will be marked as read.
+ .TP
+ \-\fBx\fP[\fIN\fP]
+ Present (or scan) all (or the last \fIN\fP) unread as well as
+@@ -135,7 +135,7 @@
+ Read/scan unsubscribed groups also.  Most useful when looking for
+ a specific subject in \fBall\fP groups, e.g.
+ .nf
+-	nn -mxX -sSubject all
++	nn \-mxX \-sSubject all
+ .fi
+ .TP
+ \fInews.group\fP  or  \fIfile\fP  or  \fI+folder\fP
+@@ -2378,7 +2378,7 @@
+ assignment can be used:
+ .sp 0.5v
+ .nf
+-	set included-mark  \e\ \e#\e\ \ \ # blank-#-blank
++	set included-mark  \e\ \e#\e\ \ \ # blank\-#\-blank
+ .fi
+ .sp 0.5v
+ To include a backslash in the string, it must be duplicated `\e\e'.
+@@ -2570,7 +2570,7 @@
+ bit width of the character set (7 for "us-ascii" and "unknown", 8 for the
+ "iso-8859-\fIX\fP" sets).
+ .sp 0.5v
+-The value of this variable also determines wether \fInn\fP allows
++The value of this variable also determines whether \fInn\fP allows
+ 8-bit characters in the body of articles being posted and letters
+ being mailed (unless the value is "unknown", in which case this is
+ determined by the value of the \fBdata-bits\fP variable).
+@@ -2718,7 +2718,7 @@
+ section for more details.
+ .sp 0.5v
+ If the \fBcharset\fP has value "unknown", the value of \fBdata-bits\fP
+-also determines wether \fInn\fP allows 8-bit characters in the body of
++also determines whether \fInn\fP allows 8-bit characters in the body of
+ articles being posted and letters being mailed (this is normally
+ determined directly by the \fBcharset\fP variable).
+ .TP
+@@ -2843,7 +2843,7 @@
+ normally give a message about this and sleep for a number of seconds
+ specified by this variable.  Setting this variable to zero will still
+ make \fInn\fP give the message without sleeping afterwards.  Setting
+-it to -1 will cause the message not to be shown at all.
++it to \-1 will cause the message not to be shown at all.
+ .TP
+ \fBflow-control\fP	(boolean, default true)
+ When set, \fInn\fP will turn on xon/xoff flow-control before writing
+@@ -2872,7 +2872,7 @@
+ append the article in the proper format.  If this variable is not set,
+ folders are assumed to be in the format specified via the
+ \fBmmdf-format\fP and \fBmail-format\fP variables, and articles are
+-saved in that format without checking.  Otherwise, the \fB*-format\fP
++saved in that format without checking.  Otherwise, the \fB*\-format\fP
+ variables are only used to determine the format for \fInew\fP folders.
+ .TP
+ \fBfolder-save-file\fP \fIfile\fP	(string, default not set)
+@@ -2978,7 +2978,7 @@
+ are very difficult to comprehend.  Let's all use the standard folks!
+ (And hack inews if it is the 50% rule that bothers you.)
+ .TP
+-\fBinews\fP \fIshell-command\fP	(string, default "INEWS_PATH -h")
++\fBinews\fP \fIshell-command\fP	(string, default "INEWS_PATH \-h")
+ The program which is invoked by \fInn\fP to deliver an article to the
+ news transport.  The program will be given a complete article
+ including a header containing the newsgroups to which the article is
+@@ -3171,7 +3171,7 @@
+ .fi
+ .TP
+ \fBmerge-report-rate\fP \fIrate\fP	(integer, default 1)
+-When \fInn\fP is invoked with the -m option (directly or via
++When \fInn\fP is invoked with the \-m option (directly or via
+ \fInngrap\fP), a status report of the merging process is displayed and
+ updated on the screen every \fIrate\fP seconds.  The report contains
+ the time used so far and an estimate of the time needed to complete
+@@ -3194,7 +3194,7 @@
+ \fBmonitor\fP		(boolean, default false)
+ When set, \fInn\fP will show
+ .I all
+-characters in the received messages using a "cat -v" like format.
++characters in the received messages using a "cat \-v" like format.
+ Otherwise, only the printable characters are shown (default).
+ .TP
+ \fBmotd\fP		(boolean, default true)
+@@ -3224,8 +3224,8 @@
+ \&.newsrc is the only way to recognize it as an old group:
+ .sp 0.5v
+ \fB0\fP)  Ignore groups which are not in \&.newsrc.  This will obviously
+-include new groups, and therefore you must explictly add any new
+-groups that you care about (by editting the \fI.newsrc\fP file, or
++include new groups, and therefore you must explicitly add any new
++groups that you care about (by editing the \fI.newsrc\fP file, or
+ using the \fBG\fP menu command and then subscribing to the group).
+ When \fBNNTP\fP is being used, this setting prevents the \fIactive.times\fP
+ data from being read from the server; this can be helpful
+@@ -3349,7 +3349,7 @@
+ This is the pager used by the \fB:admin\fP command (and \fInnadmin\fP)
+ when it executes certain commands, e.g. grepping in the Log file.
+ .TP
+-\fBpatch-command\fP \fIshell-command\fP	(string, default "patch -p0")
++\fBpatch-command\fP \fIshell-command\fP	(string, default "patch \-p0")
+ This is the command which is invoked by the \fB:patch\fP command.
+ .TP
+ \fBpost-distribution\fP \fIwords\fP	(string, default see below)
+@@ -3418,7 +3418,7 @@
+ .B print
+ command.  It should include an option which prevents the spooler from
+ echoing a job-id or similar to the terminal to avoid problems with
+-screen handling (e.g. lp -s on System V).
++screen handling (e.g. lp \-s on System V).
+ .TP
+ \fBquery-signature\fP		(boolean, default ...)
+ Will cause \fInn\fP to require confirmation before appending
+@@ -3452,7 +3452,7 @@
+ 	4:  If any references use layout 0, else layout 1.
+ .fi
+ .TP
+-\fBre-layout-read\fP \fIN\fP	(integer, default -1)
++\fBre-layout-read\fP \fIN\fP	(integer, default \-1)
+ When the \fBheader-lines\fP variable is not set, or contains the "*"
+ field specifier, a line similar to the menu line will be used as the
+ header of the article in reading mode, including the sender's name and
+@@ -3795,7 +3795,7 @@
+ \fBuse-editor-line\fP		(boolean, default true)
+ Most editors accept arguments of the form:
+ .nf
+-	editor [-arguments] +n filename
++	editor [\-arguments] +n filename
+ .fi
+ where editor is the name of the editor, and n is the line number to put the
+ cursor upon entering the file.  If use-editor-line is false, it will not
+@@ -4023,9 +4023,9 @@
+ as the global init file.  The list of init files must
+ \fInot\fP be separated from the \fB\-I\fP option by blanks, and it
+ must be the first option.  Example:  The default behaviour corresponds
+-to using -I,init (first the global file, then the file ~/.nn/init).
++to using \-I,init (first the global file, then the file ~/.nn/init).
+ The global \fIsetup\fP file is still read as the first init file
+-independently of the -I option used.
++independently of the \-I option used.
+ .TP
+ \-\fBk\fP	{\fBtoggle kill\fP}
+ Do not [do] perform automatic kill and selection of articles.
+@@ -4044,7 +4044,7 @@
+ .TP
+ \-\fBm\fP	{\fIno corresponding variable\fP}
+ Merge all articles into one `meta group' instead of showing
+-them one group at a time.  When -m is used, no articles will be marked
++them one group at a time.  When \-m is used, no articles will be marked
+ as read.
+ .TP
+ \-\fBn\fP\fIWORD\fP
+@@ -4099,7 +4099,7 @@
+ Read/scan unsubscribed groups also.  Most useful when looking for
+ a specific subject in all groups, e.g.
+ .br
+-   nn -mxX -sSubject all
++   nn \-mxX \-sSubject all
+ .br
+ .SH MACRO DEFINITIONS
+ Practically any combination of commands and key strokes can be defined
+@@ -4900,7 +4900,7 @@
+ unset the flow-control variable if the tty is a pseudo-tty, the
+ following conditional can be used:
+ .nf
+-	on [ -n "`tty | grep ttyp`" ]
++	on [ \-n "`tty | grep ttyp`" ]
+ 		unset flow-control
+ 	end
+ .fi
+@@ -5021,7 +5021,7 @@
+ .nf
+ 	\fBon entry\fP comp.sources* alt.sources
+ 		:set cross-post on   # set before collection
+-		:local auto-read-mode-limit -1   # set before showing menu
++		:local auto-read-mode-limit \-1   # set before showing menu
+ 		::unset cross-post   # set after collection
+ 	\fBend\fP
+ .fi
+@@ -5139,7 +5139,7 @@
+ sequence.  The group itself (if it exists) is not included.
+ Examples: "comp.", "comp.unix.".
+ .TP
+-.group.name
++\&.group.name
+ Append the groups whose name ends with the specified name to the
+ sequence.  Example: ".test".
+ .TP
+--- nn-6.7.3.orig/man/nnadmin.1m
++++ nn-6.7.3/man/nnadmin.1m
+@@ -1,4 +1,4 @@
+-.TH NNADMIN 1M "Release 6.6"
++.TH NNADMIN 1m "Release 6.6"
+ .\" (c) Copyright 1988, 1990, Kim F. Storm.  All rights reserved.
+ .UC 4
+ .SH NAME
+@@ -32,7 +32,7 @@
+ argument will be used as a series of key-strokes which are interpreted
+ exactly as if they were typed in from the keyboard in interactive
+ mode.  For example, to stop the \fInnmaster\fP, the following
+-invokation of nnadmin can be used:
++invocation of nnadmin can be used:
+ .br
+ 	\fInnadmin\fP MK
+ .br
+@@ -451,7 +451,7 @@
+ .TP
+ initialized
+ .br
+-The time when the database was last rebuild using \fInnmaster\fP -I.
++The time when the database was last rebuild using \fInnmaster\fP \-I.
+ .TP
+ last_scan, last_size
+ .br
+@@ -619,7 +619,7 @@
+ can use \fInnadmin\fP to send messages to the \fInnmaster\fP.
+ However, to send a wakeup signal to the master, anybody can run
+ .br
+-	\fInnmaster\fP -w
++	\fInnmaster\fP \-w
+ .SH BUGS
+ The user interface is completely out of line with the rest of the
+ \fInn\fP family, and the way to run \fInnadmin\fP in the
+--- nn-6.7.3.orig/man/nncheck.1
++++ nn-6.7.3/man/nncheck.1
+@@ -5,7 +5,7 @@
+ nncheck \- check for unread articles
+ .SH SYNOPSIS
+ .B nncheck
+-[ -Q -r -t ]  [ -f format ]
++[ \-Q \-r \-t ]  [ \-f format ]
+ .SH DESCRIPTION
+ .I nncheck
+ will report if there are some articles on the system which you have not read.
+@@ -54,13 +54,13 @@
+ .TP
+ \&\-\fBf\fP \fIformat\fP
+ Output the number of unread articles using the specified format.  The
+-format is a text that may contain the following %-escapes:
++format is a text that may contain the following %\-escapes:
+ .sp 0.5v
+ .DT
+ .ta 1i 2i
+ .\"ta 1 10 20
+ .nf
+-	\fB%-code\fP	\fBresulting output\fP
++	\fB%\-code\fP	\fBresulting output\fP
+ .sp 0.5v
+ 	%u	"\fIuuu\fP unread articles"
+ 	%g	"\fIggg\fP groups"
+--- nn-6.7.3.orig/man/nngrab.1
++++ nn-6.7.3/man/nngrab.1
+@@ -11,7 +11,7 @@
+ contain an instance of \fIkeyword\fP.  \fInngrab\fP is a fast
+ equivalent for:
+ .sp 0.5v
+-	nn -mxX -s/\fIkeyword\fP all
++	nn \-mxX \-s/\fIkeyword\fP all
+ .LP
+ For example,
+ .sp 0.5v
+--- nn-6.7.3.orig/man/nngrep.1
++++ nn-6.7.3/man/nngrep.1
+@@ -59,7 +59,7 @@
+ You can use this to read a specific subset of news groups with
+ \fInn\fP; for example
+ .br
+-	nn `nngrep -sp source`
++	nn `nngrep \-sp source`
+ .SH LONG LISTING
+ A \fIlong\fP listing of the matched groups can be requested with the
+ \fB\-l\fP option.  It will include the following information:
+--- nn-6.7.3.orig/man/nnmaster.8
++++ nn-6.7.3/man/nnmaster.8
+@@ -13,7 +13,7 @@
+ \fBnnmaster\fP \-\fBl\fP [ "\fIlock message\fP" ]
+ .br
+ \fBnnmaster\fP [ \fIoptions\fP ] [ \fIgroups\fP ]
+-.br.
++.br
+ \fBnnmaster\fP \-\fBF\fP [ \fIoptions\fP ] [ \fIgroups\fP ]
+ .SH DESCRIPTION
+ .I nnmaster
+@@ -28,7 +28,7 @@
+ .I nnmaster
+ daemon:
+ .sp 0.5v
+-	$master/nnmaster -l -r -C
++	$master/nnmaster \-l \-r \-C
+ .sp 0.5v
+ where $master is the MASTER_DIRECTORY defined during configuration
+ of \fInn\fP.
+@@ -69,7 +69,7 @@
+ to be collected.  For example, to collect everything but rec and misc,
+ use the following command:
+ .br
+-	\fInnmaster\fP -r !rec !misc ""
++	\fInnmaster\fP \-r !rec !misc ""
+ .br
+ If the empty argument had been omitted, nothing would be collected,
+ since the presence of any \fIgroups\fP arguments causes \fInnmaster\fP
+@@ -79,14 +79,14 @@
+ different sets of groups at different intervals or under different
+ conditions:
+ .br
+-	\fInnmaster\fP -B -O14 rec misc sci -LBO -u
++	\fInnmaster\fP \-B \-O14 rec misc sci \-LBO \-u
+ .br
+-	\fInnmaster\fP !rec !misc !sci "" -u
++	\fInnmaster\fP !rec !misc !sci "" \-u
+ .sp 0.5v
+ Example 2: The group arguments are used in the given sequence, e.g. to
+ leave out comp.sys, but still collect comp.sys.ibm.pc, use the command:
+ .br
+-	\fInnmaster\fP -r comp.sys.ibm.pc !comp.sys ""
++	\fInnmaster\fP \-r comp.sys.ibm.pc !comp.sys ""
+ .sp 0.5v
+ The use of the \-\fBu\fP option in the first example is essential,
+ since each of the commands will update the active file time stamp
+@@ -330,7 +330,7 @@
+ 3, this will produce a compact but still very informative trace of the
+ collection or expire process directly on the terminal.  This is most
+ useful when doing the first collection of articles after initializing
+-the database with -I.  If \fIN\fP is 2 or 3, a trace of the NNTP
++the database with \-I.  If \fIN\fP is 2 or 3, a trace of the NNTP
+ traffic is written to a file nnmaster.log in the TMP directory. This
+ option disables \-\fBr\fP.
+ .TP
+@@ -455,7 +455,7 @@
+ running because it may add new groups to the file.  After editing the
+ GROUPS file, the command
+ .br
+-	\fInnmaster\fP -G
++	\fInnmaster\fP \-G
+ .br
+ must be run before restarting the \fInnmaster\fP to parse and verify
+ the new GROUPS file.
+--- nn-6.7.3.orig/man/nnstats.1m
++++ nn-6.7.3/man/nnstats.1m
+@@ -1,4 +1,4 @@
+-.TH NNSTATS 1M "Release 6.6"
++.TH NNSTATS 1m "Release 6.6"
+ .\" (c) Copyright 1988, 1990, Kim F. Storm.  All rights reserved.
+ .UC 4
+ .SH NAME
+@@ -32,9 +32,9 @@
+ that date only is calculated and printed.
+ .SH FILES
+ .DT
+-.ta \w'.../Log'u+3m
++.ta \w'\&../Log'u+3m
+ .\"ta 0 20
+-.../Log	The log file
++\&../Log	The log file
+ .DT
+ .SH SEE ALSO
+ nn(1), nnusage(1M), nnadmin(1M), nnmaster(8)
+--- nn-6.7.3.orig/man/nnusage.1m
++++ nn-6.7.3/man/nnusage.1m
+@@ -1,4 +1,4 @@
+-.TH NNUSAGE 1M "Release 6.6"
++.TH NNUSAGE 1m "Release 6.6"
+ .\" (c) Copyright 1988, 1990, Kim F. Storm.  All rights reserved.
+ .UC 4
+ .SH NAME
+@@ -23,9 +23,9 @@
+ truly report the actual time spent on news reading.
+ .SH FILES
+ .DT
+-.ta \w'.../Log'u+3m
++.ta \w'\&../Log'u+3m
+ .\"ta 0 20
+-.../Log	The log file
++\&../Log	The log file
+ .DT
+ .SH SEE ALSO
+ nn(1), nncheck(1), nngoback(1), nngrep(1), nntidy(1)
+--- nn-6.7.3.orig/menu.c
++++ nn-6.7.3/menu.c
+@@ -811,7 +811,7 @@
+ 	}
+ 
+ 	if (again > 1)
+-	    sprintf(delayed_msg, "Showing %d articles again", again);
++	    sprintf(delayed_msg, "Showing %ld articles again", again);
+     } while (again);
+ 
+     return MC_READGROUP;
+--- nn-6.7.3.orig/newsrc.c
++++ nn-6.7.3/newsrc.c
+@@ -1629,7 +1629,7 @@
+ 	newsrc_update_freq = 0;
+ 	dump_newsrc();
+ 	dump_select();
+-	tprintf("NOTICE: Original files are saved with %s extention\n", bak_suffix);
++	tprintf("NOTICE: Original files are saved with %s extension\n", bak_suffix);
+     }
+ }
+ 
+--- nn-6.7.3.orig/nntp.c
++++ nn-6.7.3/nntp.c
+@@ -37,6 +37,10 @@
+ #define NNTPCACHE	10
+ #endif
+ 
++#ifndef MAXHOSTNAMELEN 
++#define MAXHOSTNAMELEN 255
++#endif
++
+ #ifdef NNTP
+ #include "nntp.h"
+ #include "patchlevel.h"
+@@ -915,7 +919,11 @@
+ 	server_real_name = hp->h_name;
+     else
+ 	nn_exitmsg(1, "NNTPSERVER is invalid");
+-    use_nntp = (strcmp(host_name, server_real_name) != 0);
++#ifdef USE_SPOOL
++    use_nntp = (strcasecmp(host, server_real_name) != 0);
++#else /* USE_SPOOL */
++    use_nntp = 1;
++#endif /* USE_SPOOL */
+ 
+     if (use_nntp) {
+ 	freeobj(news_active);
+--- nn-6.7.3.orig/prefix.c
++++ nn-6.7.3/prefix.c
+@@ -73,7 +73,11 @@
+     fprintf(f, "ACTIVE=%s/active\n", news_lib_directory);
+ #endif
+ 
+-    fprintf(f, "LOG=%s\n", log_file);
++	if (log_file == NULL) {
++		fprintf(f, "LOG=null\n");
++	} else {
++    	fprintf(f, "LOG=%s\n", log_file);
++	}
+     fprintf(f, "TMP=${TMPDIR-%s}\n", tmp_directory);
+     fprintf(f, "DB=%s\n", db_directory);
+     fprintf(f, "BIN=%s\n", bin_directory);
+--- nn-6.7.3.orig/xmakefile
++++ nn-6.7.3/xmakefile
+@@ -77,16 +77,16 @@
+ 
+ SHELL = /bin/sh
+ 
+-MASTER = master.o collect.o expire.o proto.o hostname.o \
+-	global.o options.o active.o db.o nntp.o \
++MASTER = master.o collect.o expire.o proto.o hostname.o \\
++	global.o options.o active.o db.o nntp.o \\
+ 	pack_date.o pack_name.o pack_subject.o news.o digest.o
+ 
+-NN = 	nn.o admin.o proto.o global.o options.o db.o nntp.o \
+-	init.o variable.o term.o keymap.o macro.o regexp.o \
+-	menu.o more.o newsrc.o group.o folder.o dir.o aux.o \
+-	sort.o articles.o sequence.o kill.o active.o fullname.o \
+-	answer.o reroute.o hostname.o save.o unshar.o decode.o execute.o \
+-	pack_date.o pack_name.o pack_subject.o news.o digest.o match.o \
++NN = 	nn.o admin.o proto.o global.o options.o db.o nntp.o \\
++	init.o variable.o term.o keymap.o macro.o regexp.o \\
++	menu.o more.o newsrc.o group.o folder.o dir.o aux.o \\
++	sort.o articles.o sequence.o kill.o active.o fullname.o \\
++	answer.o reroute.o hostname.o save.o unshar.o decode.o execute.o \\
++	pack_date.o pack_name.o pack_subject.o news.o digest.o match.o \\
+ 	chset.o printconf.o
+ #ifdef NOV
+ NOVOBJ = awksplit.o hash.o hdbm.o libnov.o split.o
+@@ -189,75 +189,75 @@
+ * dependencies
+ *
+ 
+-account.o:	account.c account.h config.h global.h execute.h options.h \
++account.o:	account.c account.h config.h global.h execute.h options.h \\
+ 		proto.h
+-active.o:	active.c active.h config.h data.h global.h db.h master.h \
++active.o:	active.c active.h config.h data.h global.h db.h master.h \\
+ 		newsrc.h
+-admin.o:	admin.c admin.h config.h data.h global.h db.h execute.h \
++admin.o:	admin.c admin.h config.h data.h global.h db.h execute.h \\
+ 		group.h keymap.h nn.h proto.h nn_term.h
+-answer.o:	answer.c answer.h config.h data.h global.h aux.h db.h \
+-		fullname.h group.h hostname.h init.h keymap.h kill.h \
+-		match.h news.h nn.h nntp.h options.h printconf.h regexp.h \
++answer.o:	answer.c answer.h config.h data.h global.h aux.h db.h \\
++		fullname.h group.h hostname.h init.h keymap.h kill.h \\
++		match.h news.h nn.h nntp.h options.h printconf.h regexp.h \\
+ 		reroute.h nn_term.h variable.h
+-articles.o:	articles.c articles.h config.h data.h global.h db.h keymap.h \
++articles.o:	articles.c articles.h config.h data.h global.h db.h keymap.h \\
+ 		kill.h match.h news.h newsrc.h regexp.h sort.h nn_term.h
+-aux.o:		aux.c aux.h config.h data.h global.h chset.h execute.h \
++aux.o:		aux.c aux.h config.h data.h global.h chset.h execute.h \\
+ 		keymap.h news.h nn.h nntp.h reroute.h nn_term.h
+ chset.o:	chset.c chset.h config.h
+-collect.o:	collect.c collect.h config.h global.h db.h news.h digest.h \
++collect.o:	collect.c collect.h config.h global.h db.h news.h digest.h \\
+ 		master.h news.h nntp.h pack_date.h pack_name.h pack_subject.h
+-db.o:		db.c db.h config.h data.h global.h answer.h articles.h \
+-		keymap.h libnov.h nntp.h nn_term.h pack_date.h pack_name.h \
++db.o:		db.c db.h config.h data.h global.h answer.h articles.h \\
++		keymap.h libnov.h nntp.h nn_term.h pack_date.h pack_name.h \\
+ 		pack_subject.h hash.h newsoverview.h
+-decode.o:	decode.c decode.h config.h data.h global.h keymap.h save.h \
++decode.o:	decode.c decode.h config.h data.h global.h keymap.h save.h \\
+ 		nn_term.h
+-digest.o:	digest.c digest.h config.h data.h global.h debug.h keymap.h \
++digest.o:	digest.c digest.h config.h data.h global.h debug.h keymap.h \\
+ 		news.h pack_name.h nn_term.h
+-dir.o:		dir.c dir.h config.h data.h global.h articles.h keymap.h \
++dir.o:		dir.c dir.h config.h data.h global.h articles.h keymap.h \\
+ 		nn_term.h
+-execute.o:	execute.c execute.h config.h data.h global.h folder.h \
++execute.o:	execute.c execute.h config.h data.h global.h folder.h \\
+ 		keymap.h nn_term.h
+-expire.o:	expire.c expire.h config.h global.h db.h keymap.h master.h \
++expire.o:	expire.c expire.h config.h global.h db.h keymap.h master.h \\
+ 		nntp.h nn_term.h
+-folder.o:	folder.c folder.h config.h data.h global.h articles.h \
+-		db.h digest.h dir.h keymap.h match.h menu.h news.h \
+-		pack_date.h pack_name.h pack_subject.h regexp.h save.h \
++folder.o:	folder.c folder.h config.h data.h global.h articles.h \\
++		db.h digest.h dir.h keymap.h match.h menu.h news.h \\
++		pack_date.h pack_name.h pack_subject.h regexp.h save.h \\
+ 		sort.h nn_term.h
+ fullname.o:	fullname.c fullname.h config.h data.h global.h
+-global.o:	global.c data.h global.h config.h execute.h keymap.h nn.h \
++global.o:	global.c data.h global.h config.h execute.h keymap.h nn.h \\
+ 		patchlevel.h nn_term.h update.h
+-group.o:	group.c group.h config.h data.h global.h articles.h db.h \
+-		folder.h keymap.h macro.h match.h menu.h newsrc.h nn.h \
++group.o:	group.c group.h config.h data.h global.h articles.h db.h \\
++		folder.h keymap.h macro.h match.h menu.h newsrc.h nn.h \\
+ 		nntp.h regexp.h sort.h nn_term.h variable.h
+ hostname.o:	hostname.c hostname.h config.h
+-init.o:		init.c init.h config.h data.h global.h articles.h admin.h \
+-		answer.h db.h execute.h folder.h group.h hostname.h \
+-		keymap.h kill.h macro.h menu.h newsrc.h nn.h printconf.h \
++init.o:		init.c init.h config.h data.h global.h articles.h admin.h \\
++		answer.h db.h execute.h folder.h group.h hostname.h \\
++		keymap.h kill.h macro.h menu.h newsrc.h nn.h printconf.h \\
+ 		save.h sequence.h sort.h nn_term.h variable.h
+ keymap.o:	keymap.c keymap.h config.h data.h global.h init.h nn_term.h
+-kill.o:		kill.c kill.h config.h data.h global.h db.h keymap.h \
++kill.o:		kill.c kill.h config.h data.h global.h db.h keymap.h \\
+ 		match.h menu.h regexp.h nn_term.h
+-macro.o:	macro.c macro.h config.h data.h global.h db.h init.h \
++macro.o:	macro.c macro.h config.h data.h global.h db.h init.h \\
+ 		keymap.h menu.h nn_term.h variable.h
+-master.o:	master.c master.h config.h global.h active.h collect.h db.h \
++master.o:	master.c master.h config.h global.h active.h collect.h db.h \\
+ 		digest.h execute.h expire.h news.h nntp.h options.h proto.h
+ match.o:	match.c match.h config.h data.h global.h regexp.h
+-menu.o:		menu.c menu.h config.h data.h global.h articles.h \
+-		answer.h db.h execute.h folder.h group.h init.h keymap.h \
+-		kill.h macro.h match.h more.h newsrc.h regexp.h save.h \
++menu.o:		menu.c menu.h config.h data.h global.h articles.h \\
++		answer.h db.h execute.h folder.h group.h init.h keymap.h \\
++		kill.h macro.h match.h more.h newsrc.h regexp.h save.h \\
+ 		sort.h nn_term.h 
+-more.o:		more.c more.h config.h data.h global.h articles.h answer.h \
+-		db.h execute.h folder.h group.h init.h keymap.h kill.h \
++more.o:		more.c more.h config.h data.h global.h articles.h answer.h \\
++		db.h execute.h folder.h group.h init.h keymap.h kill.h \\
+ 		macro.h match.h menu.h news.h regexp.h save.h nn_term.h
+ news.o:		news.c news.h config.h data.h global.h digest.h more.h nntp.h
+-newsrc.o:	newsrc.c newsrc.h config.h data.h global.h articles.h \
++newsrc.o:	newsrc.c newsrc.h config.h data.h global.h articles.h \\
+ 		active.h db.h keymap.h nn.h options.h regexp.h nn_term.h
+-nn.o:		nn.c nn.h config.h data.h global.h admin.h answer.h \
+-		articles.h db.h execute.h folder.h group.h init.h keymap.h \
+-		kill.h libnov.h macro.h match.h menu.h newsrc.h nntp.h \
++nn.o:		nn.c nn.h config.h data.h global.h admin.h answer.h \\
++		articles.h db.h execute.h folder.h group.h init.h keymap.h \\
++		kill.h libnov.h macro.h match.h menu.h newsrc.h nntp.h \\
+ 		options.h proto.h regexp.h sequence.h nn_term.h
+-nntp.o:		nntp.c nntp.h config.h data.h global.h fullname.h hash.h \
+-		hostname.h keymap.h libnov.h nn_term.h patchlevel.h \
++nntp.o:		nntp.c nntp.h config.h data.h global.h fullname.h hash.h \\
++		hostname.h keymap.h libnov.h nn_term.h patchlevel.h \\
+ 		newsoverview.h
+ options.o:	options.c options.h config.h data.h global.h nn.h variable.h
+ pack_date.o:	pack_date.c pack_date.h config.h data.h global.h
+@@ -268,21 +268,21 @@
+ proto.o:	proto.c proto.h config.h data.h global.h hostname.h
+ regexp.o:	regexp.c regexp.h config.h data.h global.h keymap.h nn_term.h
+ reroute.o:	reroute.c reroute.h config.h data.h global.h
+-save.o:		save.c save.h config.h data.h global.h db.h decode.h \
++save.o:		save.c save.h config.h data.h global.h db.h decode.h \\
+ 		digest.h folder.h keymap.h more.h news.h nn_term.h unshar.h
+-sequence.o:	sequence.c sequence.h config.h data.h global.h db.h \
++sequence.o:	sequence.c sequence.h config.h data.h global.h db.h \\
+ 		debug.h keymap.h macro.h nn.h nn_term.h variable.h
+ sort.o:		sort.c sort.h config.h data.h global.h  articles.h
+-term.o:		term.c nn_term.h config.h data.h global.h execute.h \
++term.o:		term.c nn_term.h config.h data.h global.h execute.h \\
+ 		folder.h keymap.h macro.h nn.h regexp.h
+ unshar.o:	unshar.c unshar.h config.h data.h global.h keymap.h nn_term.h
+-variable.o:	variable.c variable.h config.h data.h global.h chset.h \
++variable.o:	variable.c variable.h config.h data.h global.h chset.h \\
+ 		folder.h init.h keymap.h regexp.h sort.h nn_term.h
+ 
+ awksplit.o:	awksplit.c awksplit.h config.h split.h
+ hash.o:		hash.c hash.h config.h hdbm.h
+ hdbm.o:		hdbm.c hdbm.h config.h hdbmint.h 
+-libnov.o:	libnov.c libnov.h config.h data.h global.h awksplit.h \
++libnov.o:	libnov.c libnov.h config.h data.h global.h awksplit.h \\
+ 		digest.h hash.h newsoverview.h news.h nntp.h split.h
+ split.o:	split.c split.h config.h
+ 
diff --git a/source/n/nn/nntpserver b/source/n/nn/nntpserver
deleted file mode 100644
index 3fa9a61b1..000000000
--- a/source/n/nn/nntpserver
+++ /dev/null
@@ -1 +0,0 @@
-news.my_news_server.com
diff --git a/source/n/nn/slack-desc b/source/n/nn/slack-desc
index 8caf48da7..54a350f06 100644
--- a/source/n/nn/slack-desc
+++ b/source/n/nn/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
   |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/pth/pth.SlackBuild b/source/n/npth/npth.SlackBuild
index f6f791a37..fee033f7f 100755
--- a/source/n/pth/pth.SlackBuild
+++ b/source/n/npth/npth.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006  Robby Workman  (http://rlworkman.net) 
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2014  Robby Workman, Tuscaloosa, AL, USA
+# Copyright 2007, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,28 +21,37 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-PKGNAM=pth
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=npth
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/pkg-$PKGNAM
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -59,8 +68,8 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1
-cd $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -68,9 +77,6 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
-# Do not enable pthread here - if you do, it overwrites glibc's
-# /usr/include/pthread.h, which will later cause a conflict
-# when building gpgme
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
@@ -78,23 +84,24 @@ CXXFLAGS="$SLKCFLAGS" \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
   --sysconfdir=/etc \
   --infodir=/usr/info \
+  --docdir=/usr/doc/$PKGNAM-$VERSION \
   --enable-shared=yes \
   --enable-static=no \
-  --enable-pthread=no \
   --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --host=$ARCH-slackware-linux || exit 1
 
 # This one doesn't parallelize well.
 make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't package .la files:
+rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la
+
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
-( cd $PKG/usr/man
-  find . -type f -exec gzip -9 {} \;
-  for i in $( find . -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
-)
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
 
 if [ -d $PKG/usr/info ]; then
   rm -f $PKG/usr/info/dir
diff --git a/source/n/npth/slack-desc b/source/n/npth/slack-desc
new file mode 100644
index 000000000..c6e0a278d
--- /dev/null
+++ b/source/n/npth/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+   |-----handy-ruler------------------------------------------------------|
+npth: npth (New GNU Portable Threads)
+npth:
+npth: nPth is a non-preemptive threads implementation based on the 
+npth: system's standard threads implementation and is often used to 
+npth: provide a co-routine based framework.
+npth:
+npth:
+npth:
+npth:
+npth:
+npth:
diff --git a/source/n/ntp/doinst.sh b/source/n/ntp/doinst.sh
index bc5429909..3f1589bda 100644
--- a/source/n/ntp/doinst.sh
+++ b/source/n/ntp/doinst.sh
@@ -20,9 +20,7 @@ preserve_perms() {
   config ${NEW}
 }
 
+config etc/logrotate.d/ntp.new
 config etc/ntp.conf.new
-config etc/ntp/ntp.keys.new
-if [ -r etc/rc.d/rc.ntpd -a -r etc/rc.d/rc.ntpd.new ]; then
-  chmod --reference=etc/rc.d/rc.ntpd etc/rc.d/rc.ntpd.new
-fi
-mv etc/rc.d/rc.ntpd.new etc/rc.d/rc.ntpd
+config etc/ntp.keys.new
+preserve_perms etc/rc.d/rc.ntpd.new
diff --git a/source/n/ntp/ntp.SlackBuild b/source/n/ntp/ntp.SlackBuild
index 21ca6248a..54798e5cb 100755
--- a/source/n/ntp/ntp.SlackBuild
+++ b/source/n/ntp/ntp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012, 2014, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2014, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=ntp
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -46,7 +56,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-ntp
 
@@ -80,12 +89,13 @@ CFLAGS="$SLKCFLAGS" \
   --htmldir=/usr/doc/ntp-$VERSION \
   --enable-ipv6 \
   --with-crypto \
+  --enable-ntp-signd \
   --program-prefix= \
   --program-suffix= \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-make -i install DESTDIR=$PKG || exit 1
+make install DESTDIR=$PKG || exit 1
 
 # Since the Makefile's install pays no heed to the --bindir settings,
 # we'll move things to where they've always been ourselves:
@@ -98,11 +108,23 @@ rmdir $PKG/usr/lib/pkgconfig
 # This should be empty.  Try to remove it, and error out if it's not actually empty:
 rmdir $PKG/usr/libexec || exit 1
 
-mkdir -p $PKG/etc/ntp
+# Install default conf and keys files:
+mkdir -p $PKG/etc
 cat $CWD/ntp.conf > $PKG/etc/ntp.conf.new
-cat $CWD/ntp.keys > $PKG/etc/ntp/ntp.keys.new
-chmod 600 $PKG/etc/ntp/ntp.keys.new
-touch $PKG/etc/ntp/step-tickers
+cat $CWD/ntp.keys > $PKG/etc/ntp.keys.new
+chown root:ntp $PKG/etc/ntp.keys.new
+chmod 640 $PKG/etc/ntp.keys.new
+
+# Location for the drift and stats files:
+mkdir -p $PKG/var/lib/ntp
+chown ntp:ntp $PKG/var/lib/ntp
+chmod 0775 $PKG/var/lib/ntp
+
+# This is deprecated and no longer used by anything:
+#touch $PKG/etc/ntp/step-tickers
+
+mkdir -p $PKG/etc/logrotate.d
+cat $CWD/ntp.logrotate > $PKG/etc/logrotate.d/ntp.new
 
 mkdir -p $PKG/etc/rc.d
 cat $CWD/rc.ntpd > $PKG/etc/rc.d/rc.ntpd.new
diff --git a/source/n/ntp/ntp.conf b/source/n/ntp/ntp.conf
index 1844fb91c..e88603c12 100644
--- a/source/n/ntp/ntp.conf
+++ b/source/n/ntp/ntp.conf
@@ -1,4 +1,5 @@
 # Sample /etc/ntp.conf:  Configuration file for ntpd.
+
 #
 # Undisciplined Local Clock. This is a fake driver intended for backup
 # and when no outside source of synchronized time is available. The
@@ -22,12 +23,27 @@ fudge	127.127.1.0 stratum 10
 #server 3.pool.ntp.org iburst
 
 #
+# Full path of a directory where statistics files should be created
+#
+statsdir /var/lib/ntp/stats
+
+#
+# Location of an alternate log file to be used instead of the default system syslog(3) facility
+#
+logfile /var/log/ntp
+
+#
 # Drift file.  Put this in a directory which the daemon can write to.
 # No symbolic links allowed, either, since the daemon updates the file
 # by creating a temporary in the same directory and then rename()'ing
 # it to the file.
 #
-driftfile /etc/ntp/drift
+driftfile /var/lib/ntp/drift
+
+#
+# Location of PID file
+#
+pidfile /var/run/ntpd.pid
 
 #
 # Uncomment to use a multicast NTP server on the local subnet:
@@ -37,12 +53,13 @@ driftfile /etc/ntp/drift
 
 #
 # Keys file.  If you want to diddle your server at run time, make a
-# keys file (mode 600 for sure) and define the key number to be
-# used for making requests.
+# keys file (mode 640 owned by root:ntp) and define the key number to
+# be used for making requests.
 # PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
 # systems might be able to reset your clock at will.
 #
-#keys		/etc/ntp/keys
+#keysdir	/etc
+#keys		/etc/ntp.keys
 #trustedkey	65535
 #requestkey	65535
 #controlkey	65535
@@ -59,13 +76,6 @@ restrict -6 default limited kod nomodify notrap nopeer noquery
 #restrict -6 default limited kod nomodify notrap nopeer
 
 #
-# Disable the ntpdc -c monlist command, which is insecure and can be used
-# to cause a denial of service attack (CVE-2013-5211). Future versions of
-# NTP will remove this command.
-# (this feature was disabled by default with ntpd 4.2.7p230)
-disable monitor
-
-#
 # Trust ourselves.  :-)
 restrict 127.0.0.1
 restrict ::1
diff --git a/source/n/ntp/ntp.logrotate b/source/n/ntp/ntp.logrotate
new file mode 100644
index 000000000..6f2937a99
--- /dev/null
+++ b/source/n/ntp/ntp.logrotate
@@ -0,0 +1,7 @@
+/var/log/ntp {
+    notifempty
+    missingok
+    postrotate
+    [ -x /etc/rc.d/rc.ntpd ] && /etc/rc.d/rc.ntpd restart
+    endscript
+}
diff --git a/source/n/ntp/rc.ntpd b/source/n/ntp/rc.ntpd
index 7cf3d50b0..d1ad44841 100644
--- a/source/n/ntp/rc.ntpd
+++ b/source/n/ntp/rc.ntpd
@@ -3,9 +3,8 @@
 
 # Start ntpd:
 ntpd_start() {
-  CMDLINE="/usr/sbin/ntpd -g"
-  echo -n "Starting NTP daemon:  $CMDLINE"
-  $CMDLINE -p /var/run/ntpd.pid
+  echo -n "Starting NTP daemon:  /usr/sbin/ntpd -g -u ntp:ntp"
+  /usr/sbin/ntpd -g -u ntp:ntp
   echo
 }
 
@@ -31,7 +30,7 @@ ntpd_restart() {
 # Check if ntpd is running
 ntpd_status() {
   if [ -e /var/run/ntpd.pid ]; then
-    echo "ntpd is running."
+    echo "ntpd is running as pid $(cat /var/run/ntpd.pid)."
   else 
     echo "ntpd is stopped."
     exit 1
diff --git a/source/n/ntp/slack-desc b/source/n/ntp/slack-desc
index 6319e8885..a0a931739 100644
--- a/source/n/ntp/slack-desc
+++ b/source/n/ntp/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
@@ -16,4 +16,4 @@ ntp: of milliseconds on WANs relative to a primary server synchronized to
 ntp: Coordinated Universal Time (UTC) via a Global Positioning Service
 ntp: (GPS) receiver, for example. 
 ntp:
-ntp:
+ntp: Homepage: http://www.ntp.org
diff --git a/source/n/obexftp/obexftp.SlackBuild b/source/n/obexftp/obexftp.SlackBuild
index 13eba4bcd..cf3cd415b 100755
--- a/source/n/obexftp/obexftp.SlackBuild
+++ b/source/n/obexftp/obexftp.SlackBuild
@@ -1,5 +1,5 @@
-#!/bin/sh
-# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+#!/bin/bash
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2015, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -19,10 +19,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=obexftp
 VERSION=${VERSION:-$(echo $PKGNAM-*-Source.tar.?z* | rev | cut -f 3- -d . | cut -f 2 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,7 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 
@@ -54,6 +62,9 @@ else
   LIBDIRSUFFIX=""
 fi
 
+PYTHONLIB=$( python -c 'from distutils.sysconfig import get_python_lib; print(get_python_lib())' )
+PYTHON3LIB=$( python3 -c 'from distutils.sysconfig import get_python_lib; print(get_python_lib())' )
+
 rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
@@ -71,9 +82,7 @@ find . \
 
 # Thanks to Fedora for these
 zcat $CWD/patches/obexftp-0.24-fix-absurd-install-path.patch.gz | patch -p1 || exit 1
-zcat $CWD/patches/obexftp-0.24-fuse.patch.gz | patch -p1 || exit 1
 zcat $CWD/patches/obexftp-norpath.patch.gz | patch -p1 || exit 1
-zcat $CWD/patches/obexftp-pkgconfig_requires.patch.gz | patch -p1 || exit 1
 
 mkdir -p build
 cd build
@@ -89,6 +98,21 @@ cd build
   make install DESTDIR=$PKG || exit 1
 cd ..
 
+mkdir -p build-python2
+cd build-python2
+  cmake \
+    -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \
+    -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \
+    -DCMAKE_INSTALL_PREFIX=/usr \
+    -DLIB_SUFFIX=${LIBDIRSUFFIX} \
+    -DCMAKE_INSTALL_DOCDIR=/usr/doc/$PKGNAM-$VERSION \
+    -DCMAKE_BUILD_TYPE=Release \
+    -DPython_ADDITIONAL_VERSIONS=2.7 ..
+  cd swig/python
+  make $NUMJOBS || make || exit 1
+  make install DESTDIR=$PKG || exit 1
+cd ../../../
+
 # Relocate man pages:
 mv $PKG/usr/share/man $PKG/usr
 rmdir $PKG/usr/share 2> /dev/null
@@ -108,6 +132,12 @@ fi
   done
 )
 
+# Generate .pyc files
+python -m compileall "${PKG}$PYTHONLIB"
+python -O -m compileall "${PKG}$PYTHONLIB"
+python3 -m compileall "${PKG}$PYTHON3LIB"
+python3 -O -m compileall "${PKG}$PYTHON3LIB"
+
 # Strip binaries:
 find $PKG | xargs file | grep -e "executable" -e "shared object" \
   | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/obexftp/patches/obexftp-0.24-fuse.patch b/source/n/obexftp/patches/obexftp-0.24-fuse.patch
deleted file mode 100644
index 260cfc2d9..000000000
--- a/source/n/obexftp/patches/obexftp-0.24-fuse.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 2cc82e0ab5a30eaab5461dcc4eed41b095edba3f Mon Sep 17 00:00:00 2001
-From: Hendrik Sattler <post@hendrik-sattler.de>
-Date: Sun, 11 Aug 2013 20:27:29 +0200
-Subject: [PATCH] Install fuse apps
-
----
- fuse/CMakeLists.txt |    7 ++++++-
- 1 files changed, 6 insertions(+), 1 deletions(-)
-
-diff --git a/fuse/CMakeLists.txt b/fuse/CMakeLists.txt
-index c31a5fc..7d5f7ea 100644
---- a/fuse/CMakeLists.txt
-+++ b/fuse/CMakeLists.txt
-@@ -14,7 +14,6 @@ if ( Fuse_FOUND )
-     ${Fuse_LIBRARIES}
-   )
- 
--
-   add_executable ( obexautofs
-     obexautofs.c
-   )
-@@ -23,4 +22,10 @@ if ( Fuse_FOUND )
-     obexftp
-     ${Fuse_LIBRARIES}
-   )
-+
-+  install ( TARGETS obexfs obexautofs
-+    RUNTIME
-+      DESTINATION ${CMAKE_INSTALL_BINDIR}
-+      COMPONENT applications
-+  )
- endif ( Fuse_FOUND )
--- 
-1.7.1
-
diff --git a/source/n/obexftp/patches/obexftp-pkgconfig_requires.patch b/source/n/obexftp/patches/obexftp-pkgconfig_requires.patch
deleted file mode 100644
index ded4a5833..000000000
--- a/source/n/obexftp/patches/obexftp-pkgconfig_requires.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -71,7 +71,7 @@
- set ( exec_prefix "\${prefix}" )
- set ( libdir      "\${prefix}/${CMAKE_INSTALL_LIBDIR}" )
- set ( includedir  "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}" )
--set ( REQUIRES    "bluetooth openobex" )
-+set ( REQUIRES    "bluez openobex" )
- configure_file (
-   ${CMAKE_CURRENT_SOURCE_DIR}/obexftp.pc.in
-   ${CMAKE_CURRENT_BINARY_DIR}/obexftp.pc
diff --git a/source/n/obexftp/slack-desc b/source/n/obexftp/slack-desc
index a90f0461b..8aa622a20 100644
--- a/source/n/obexftp/slack-desc
+++ b/source/n/obexftp/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 obexftp: obexftp (Access devices via ObexFTP, such as mobile phones)
 obexftp:
 obexftp: This package contains some command line tools and the ObexFTP
-obexftp: library.  Using OpenOBEX it enables you to transfer data via IrDA,
+obexftp: library. Using OpenOBEX it enables you to transfer data via IrDA,
 obexftp: Bluetooth, as well as some custom (Siemens, Ericsson) serial port
 obexftp: protocols.
 obexftp:
diff --git a/source/n/openldap-client/openldap-client.SlackBuild b/source/n/openldap-client/openldap-client.SlackBuild
index 80ec373fb..c0d58d306 100755
--- a/source/n/openldap-client/openldap-client.SlackBuild
+++ b/source/n/openldap-client/openldap-client.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -22,9 +22,11 @@
 
 # OpenLDAP (clients/libraries only!)
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=${VERSION:-$(echo openldap-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+PKGNAM=openldap-client
+VERSION=${VERSION:-$(echo openldap-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,6 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-openldap-client
 
@@ -58,8 +67,9 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf openldap-$VERSION
-tar xvf $CWD/openldap-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/openldap-$VERSION.tar.?z || exit 1
 cd openldap-$VERSION || exit 1
+
 chown -R root:root .
 find . -perm 777 -exec chmod 755 {} \;
 find . -perm 664 -exec chmod 644 {} \;
@@ -72,7 +82,6 @@ CFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --with-cyrus-sasl \
   --with-tls \
-  --with-readline \
   --with-threads \
   --enable-debug \
   --enable-syslog \
@@ -82,13 +91,16 @@ CFLAGS="$SLKCFLAGS" \
   --disable-static \
   --enable-shared \
   --disable-slapd \
-  --disable-slurpd
+  --build=$ARCH-slackware-linux || exit 1
 
 make depend || exit 1
-make -j4 || exit 1
+make -j7 || exit 1
 make test || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 # Fix permissions on shared libraries:
 chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/*.so.*
 
@@ -119,7 +131,6 @@ fi
 # Remove man pages for the servers (not currently supported or shipped...
 # do they even work properly without the evil PAM?)
 find $PKG/usr/man -name slap* -exec rm -f {} \;
-find $PKG/usr/man -name slurp* -exec rm -f {} \;
 find $PKG/usr/man -type d -empty -exec rmdir {} \;
 
 # Compress and if needed symlink the man pages:
diff --git a/source/n/openldap-client/slack-desc b/source/n/openldap-client/slack-desc
index 939153bbe..378cf14eb 100644
--- a/source/n/openldap-client/slack-desc
+++ b/source/n/openldap-client/slack-desc
@@ -9,7 +9,7 @@
 openldap-client: openldap-client (OpenLDAP client programs)
 openldap-client:
 openldap-client: OpenLDAP is an open source implementation of the Lightweight
-openldap-client: Directory Access Protocol.  LDAP is a alternative to the X.500
+openldap-client: Directory Access Protocol. LDAP is a alternative to the X.500
 openldap-client: Directory Access Protocol (DAP). It uses the TCP/IP stack versus
 openldap-client: the overly complex OSI stack.
 openldap-client:
diff --git a/source/n/openobex/openobex.SlackBuild b/source/n/openobex/openobex.SlackBuild
index 858e58dc1..7f415a48d 100755
--- a/source/n/openobex/openobex.SlackBuild
+++ b/source/n/openobex/openobex.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2007, 2008, 2009, 2010, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=openobex
 VERSION=${VERSION:-$(echo $PKGNAM-*-Source.tar.?z* | rev | cut -f 3- -d . | cut -f 2 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,7 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
 
diff --git a/source/n/openobex/slack-desc b/source/n/openobex/slack-desc
index a86312dc0..40751a8d1 100644
--- a/source/n/openobex/slack-desc
+++ b/source/n/openobex/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 openobex: openobex (Object Exchange protocol library)
 openobex:
 openobex: OpenOBEX is a free open source implementation of the Object Exchange
-openobex: (OBEX) protocol.  OBEX is a session protocol and can best be
-openobex: described as a binary HTTP protocol.  OBEX is optimised for ad-hoc
+openobex: (OBEX) protocol. OBEX is a session protocol and can best be
+openobex: described as a binary HTTP protocol. OBEX is optimised for ad-hoc
 openobex: wireless links and can be used to exchange all kinds of objects like
 openobex: files, pictures, calendar entries (vCal) and business cards (vCard).
 openobex:
-openobex: Visit the project here:  http://www.openobex.org
+openobex: Visit the project here: http://www.openobex.org
 openobex:
 openobex:
diff --git a/source/n/openssh/doinst.sh b/source/n/openssh/doinst.sh
index 73ce62836..08536ff69 100644
--- a/source/n/openssh/doinst.sh
+++ b/source/n/openssh/doinst.sh
@@ -21,6 +21,7 @@ preserve_perms() {
   config ${NEW}
 }
 
+config etc/default/sshd.new
 config etc/ssh/ssh_config.new
 config etc/ssh/sshd_config.new
 preserve_perms etc/rc.d/rc.sshd.new
diff --git a/source/n/openssh/openssh.SlackBuild b/source/n/openssh/openssh.SlackBuild
index a917ee801..2620da6c8 100755
--- a/source/n/openssh/openssh.SlackBuild
+++ b/source/n/openssh/openssh.SlackBuild
@@ -1,8 +1,8 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2000 BSDi, Inc. Concord, CA, USA
 # Copyright 2001, 2002, 2003, 2004  Slackware Linux, Inc. Concord, CA, USA
-# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -22,14 +22,15 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 # Set initial variables:
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-openssh
 
+PKGNAM=openssh
 VERSION=${VERSION:-$(echo openssh-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-5}
 
 NUMJOBS=${NUMJOBS:--j6}
 
@@ -43,6 +44,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
@@ -65,11 +74,21 @@ mkdir -p $PKG
 cd $TMP
 rm -rf $PKG openssh-$VERSION
 tar xvf $CWD/openssh-$VERSION.tar.gz || tar xvf $CWD/openssh-$VERSION.tar.?z* || exit 1
-cd openssh-$VERSION
+cd openssh-$VERSION || exit 1
 chown -R root:root .
 
+# OpenSSL 1.1.x support:
+zcat $CWD/openssl-1.1.0.patch.gz | patch -p1 --verbose || exit 1
+
+# Don't bail on finding OpenSSL 1.1.x, it's fine:
+zcat $CWD/openssh.no.openssl.version.check.diff.gz | patch -p1 --verbose || exit 1
+
 # Restore support for tcpwrappers:
-zcat $CWD/openssh-7.2p1-libwrap.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/openssh.tcp_wrappers.diff.gz | patch -p1 --verbose || exit 1
+
+# Fix tunnel forwarding with -w option:
+zcat $CWD/openssh.fix_tunnel_forwarding.diff.gz | patch -p1 --verbose || exit 1
+
 autoreconf -vif
 
 # Compile package:
@@ -84,12 +103,12 @@ CFLAGS="$SLKCFLAGS" \
   --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \
   --with-privsep-path=/var/empty \
   --with-privsep-user=sshd \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 
 # Install the package:
-make install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
   | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
@@ -113,6 +132,10 @@ fi
 mkdir -p $PKG/var/empty
 chmod 755 $PKG/var/empty
 
+# Install defaults file
+mkdir -p $PKG/etc/default
+cat $CWD/sshd.default > $PKG/etc/default/sshd.new
+
 # Install docs:
 mkdir -p $PKG/usr/doc/openssh-$VERSION
 cp -a \
diff --git a/source/n/openssh/openssh.fix_tunnel_forwarding.diff b/source/n/openssh/openssh.fix_tunnel_forwarding.diff
new file mode 100644
index 000000000..a99a812fd
--- /dev/null
+++ b/source/n/openssh/openssh.fix_tunnel_forwarding.diff
@@ -0,0 +1,36 @@
+From cfb1d9bc76734681e3dea532a1504fcd466fbe91 Mon Sep 17 00:00:00 2001
+From: Damien Miller <djm@mindrot.org>
+Date: Fri, 13 Apr 2018 13:38:06 +1000
+Subject: Fix tunnel forwarding broken in 7.7p1
+
+bz2855, ok dtucker@
+---
+ openbsd-compat/port-net.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/openbsd-compat/port-net.c b/openbsd-compat/port-net.c
+index 7050629..bb53562 100644
+--- a/openbsd-compat/port-net.c
++++ b/openbsd-compat/port-net.c
+@@ -185,7 +185,7 @@ sys_tun_open(int tun, int mode, char **ifname)
+ 	else
+ 		debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd);
+ 
+-	if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)))
++	if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL)
+ 		goto failed;
+ 
+ 	return (fd);
+@@ -272,7 +272,7 @@ sys_tun_open(int tun, int mode, char **ifname)
+ 			goto failed;
+ 	}
+ 
+-	if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)))
++	if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL)
+ 		goto failed;
+ 
+ 	close(sock);
+-- 
+cgit v1.1
+
+
diff --git a/source/n/openssh/openssh.no.openssl.version.check.diff b/source/n/openssh/openssh.no.openssl.version.check.diff
new file mode 100644
index 000000000..bab2a2fdc
--- /dev/null
+++ b/source/n/openssh/openssh.no.openssl.version.check.diff
@@ -0,0 +1,12 @@
+--- ./configure.ac.orig	2018-04-02 00:38:28.000000000 -0500
++++ ./configure.ac	2018-05-07 12:56:07.220003323 -0500
+@@ -2641,9 +2641,6 @@
+ 			                ;;
+ 				100*)   ;; # 1.0.x
+ 				200*)   ;; # LibreSSL
+-			        *)
+-					AC_MSG_ERROR([OpenSSL >= 1.1.0 is not yet supported (have "$ssl_library_ver")])
+-			                ;;
+ 			esac
+ 			AC_MSG_RESULT([$ssl_library_ver])
+ 		],
diff --git a/source/n/openssh/openssh-7.2p1-libwrap.diff b/source/n/openssh/openssh.tcp_wrappers.diff
index 546e63ce2..b0a1c4ce7 100644
--- a/source/n/openssh/openssh-7.2p1-libwrap.diff
+++ b/source/n/openssh/openssh.tcp_wrappers.diff
@@ -1,25 +1,7 @@
-From 8c59bae0e4bdc0e3456d1802b391370bdf9975f3 Mon Sep 17 00:00:00 2001
-From: mancha <mancha1 AT zoho DOT com>
-Date: Mon, 6 Oct 2014
-Subject: Re-introduce TCP Wrappers support
-
-Support for TCP Wrappers was dropped as of OpenSSH 6.7. This patch
-resurrects the feature.
-
-Relevant upstream commits:
-
-  https://anongit.mindrot.org/openssh.git/commit/?id=f2719b7c2b8a
-  https://anongit.mindrot.org/openssh.git/commit/?id=f9696566fb41
-
----
- configure.ac |   57 +++++++++++++++++++++++++++++++++++++++++++++++++++++
- sshd.8       |    7 +++++++
- sshd.c       |   25 +++++++++++++++++++++++
- 3 files changed, 89 insertions(+)
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -1380,6 +1380,62 @@ AC_ARG_WITH([skey],
+diff -uprN openssh-7.7p1.orig/configure.ac openssh-7.7p1/configure.ac
+--- openssh-7.7p1.orig/configure.ac	2018-04-02 14:38:28.000000000 +0900
++++ openssh-7.7p1/configure.ac	2018-04-04 17:46:13.798168547 +0900
+@@ -1542,6 +1542,62 @@ AC_ARG_WITH([skey],
  	]
  )
  
@@ -82,17 +64,18 @@ Relevant upstream commits:
  # Check whether user wants to use ldns
  LDNS_MSG="no"
  AC_ARG_WITH(ldns,
-@@ -4829,6 +4885,7 @@ echo "                 KerberosV support
+@@ -5216,6 +5272,7 @@ echo "                   OSF SIA support
+ echo "                 KerberosV support: $KRB5_MSG"
  echo "                   SELinux support: $SELINUX_MSG"
- echo "                 Smartcard support: $SCARD_MSG"
  echo "                     S/KEY support: $SKEY_MSG"
 +echo "              TCP Wrappers support: $TCPW_MSG"
  echo "              MD5 password support: $MD5_MSG"
  echo "                   libedit support: $LIBEDIT_MSG"
- echo "  Solaris process contract support: $SPC_MSG"
---- a/sshd.8
-+++ b/sshd.8
-@@ -851,6 +851,12 @@ the user's home directory becomes access
+ echo "                   libldns support: $LDNS_MSG"
+diff -uprN openssh-7.7p1.orig/sshd.8 openssh-7.7p1/sshd.8
+--- openssh-7.7p1.orig/sshd.8	2018-04-02 14:38:28.000000000 +0900
++++ openssh-7.7p1/sshd.8	2018-04-04 17:46:13.799168500 +0900
+@@ -845,6 +845,12 @@ the user's home directory becomes access
  This file should be writable only by the user, and need not be
  readable by anyone else.
  .Pp
@@ -105,7 +88,7 @@ Relevant upstream commits:
  .It Pa /etc/hosts.equiv
  This file is for host-based authentication (see
  .Xr ssh 1 ) .
-@@ -954,6 +960,7 @@ The content of this file is not sensitiv
+@@ -947,6 +953,7 @@ The content of this file is not sensitiv
  .Xr ssh-keygen 1 ,
  .Xr ssh-keyscan 1 ,
  .Xr chroot 2 ,
@@ -113,31 +96,32 @@ Relevant upstream commits:
  .Xr login.conf 5 ,
  .Xr moduli 5 ,
  .Xr sshd_config 5 ,
---- a/sshd.c
-+++ b/sshd.c
-@@ -123,6 +123,13 @@
- #include "ssh-sandbox.h"
+diff -uprN openssh-7.7p1.orig/sshd.c openssh-7.7p1/sshd.c
+--- openssh-7.7p1.orig/sshd.c	2018-04-02 14:38:28.000000000 +0900
++++ openssh-7.7p1/sshd.c	2018-04-04 18:24:08.499515628 +0900
+@@ -122,6 +122,12 @@
+ #include "auth-options.h"
  #include "version.h"
- 
+ #include "ssherr.h"
 +#ifdef LIBWRAP
 +#include <tcpd.h>
 +#include <syslog.h>
 +int allow_severity;
 +int deny_severity;
 +#endif /* LIBWRAP */
-+
- #ifndef O_NOCTTY
- #define O_NOCTTY	0
- #endif
-@@ -2054,6 +2061,24 @@ main(int ac, char **av)
- #ifdef SSH_AUDIT_EVENTS
- 	audit_connection_from(remote_ip, remote_port);
- #endif
+ 
+ /* Re-exec fds */
+ #define REEXEC_DEVCRYPTO_RESERVED_FD	(STDERR_FILENO + 1)
+@@ -2005,6 +2011,26 @@ main(int ac, char **av)
+ 	packet_set_server();
+ 	ssh = active_state; /* XXX */
+ 
++/* Moved LIBWRAP check here */
 +#ifdef LIBWRAP
-+	allow_severity = options.log_facility|LOG_INFO;
-+	deny_severity = options.log_facility|LOG_WARNING;
-+	/* Check whether logins are denied from this host. */
-+	if (packet_connection_is_on_socket()) {
++        allow_severity = options.log_facility|LOG_INFO;
++        deny_severity = options.log_facility|LOG_WARNING;
++        /* Check whether logins are denied from this host. */
++        if (packet_connection_is_on_socket()) {	/* This check must be after packet_set_connection() */
 +		struct request_info req;
 +
 +		request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0);
@@ -151,6 +135,7 @@ Relevant upstream commits:
 +		}
 +	}
 +#endif /* LIBWRAP */
++
+ 	check_ip_options(ssh);
  
- 	/* Log the connection. */
- 	verbose("Connection from %s port %d on %s port %d",
+ 	/* Prepare the channels layer */
diff --git a/source/n/openssh/openssl-1.1.0.patch b/source/n/openssh/openssl-1.1.0.patch
new file mode 100644
index 000000000..6d065d470
--- /dev/null
+++ b/source/n/openssh/openssl-1.1.0.patch
@@ -0,0 +1,1953 @@
+diff -aurp old/auth-pam.c new/auth-pam.c
+--- old/auth-pam.c	2018-03-22 16:21:14.000000000 -1000
++++ new/auth-pam.c	2018-03-23 10:05:03.886621278 -1000
+@@ -128,6 +128,10 @@ extern u_int utmp_len;
+ typedef pthread_t sp_pthread_t;
+ #else
+ typedef pid_t sp_pthread_t;
++# define pthread_create(a, b, c, d)    _ssh_compat_pthread_create(a, b, c, d)
++# define pthread_exit(a)               _ssh_compat_pthread_exit(a)
++# define pthread_cancel(a)             _ssh_compat_pthread_cancel(a)
++# define pthread_join(a, b)            _ssh_compat_pthread_join(a, b)
+ #endif
+ 
+ struct pam_ctxt {
+diff -aurp old/cipher.c new/cipher.c
+--- old/cipher.c	2018-03-22 16:21:14.000000000 -1000
++++ new/cipher.c	2018-03-23 10:05:03.886621278 -1000
+@@ -297,7 +297,10 @@ cipher_init(struct sshcipher_ctx **ccp,
+ 			goto out;
+ 		}
+ 	}
+-	if (EVP_CipherInit(cc->evp, NULL, (u_char *)key, NULL, -1) == 0) {
++	/* in OpenSSL 1.1.0, EVP_CipherInit clears all previous setups;
++	   use EVP_CipherInit_ex for augmenting */
++	if (EVP_CipherInit_ex(cc->evp, NULL, NULL, (u_char *)key, NULL, -1) == 0)
++	{
+ 		ret = SSH_ERR_LIBCRYPTO_ERROR;
+ 		goto out;
+ 	}
+@@ -483,7 +486,7 @@ cipher_get_keyiv(struct sshcipher_ctx *c
+ 		   len, iv))
+ 		       return SSH_ERR_LIBCRYPTO_ERROR;
+ 	} else
+-		memcpy(iv, cc->evp->iv, len);
++		memcpy(iv, EVP_CIPHER_CTX_iv(cc->evp), len);
+ #endif
+ 	return 0;
+ }
+@@ -517,14 +520,19 @@ cipher_set_keyiv(struct sshcipher_ctx *c
+ 		    EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv))
+ 			return SSH_ERR_LIBCRYPTO_ERROR;
+ 	} else
+-		memcpy(cc->evp->iv, iv, evplen);
++		memcpy(EVP_CIPHER_CTX_iv(cc->evp), iv, evplen);
+ #endif
+ 	return 0;
+ }
+ 
+ #ifdef WITH_OPENSSL
+-#define EVP_X_STATE(evp)	(evp)->cipher_data
+-#define EVP_X_STATE_LEN(evp)	(evp)->cipher->ctx_size
++# if OPENSSL_VERSION_NUMBER >= 0x10100000UL
++#define EVP_X_STATE(evp)	EVP_CIPHER_CTX_get_cipher_data(evp)
++#define EVP_X_STATE_LEN(evp)	EVP_CIPHER_impl_ctx_size(EVP_CIPHER_CTX_cipher(evp))
++# else
++#define EVP_X_STATE(evp)	(evp).cipher_data
++#define EVP_X_STATE_LEN(evp)	(evp).cipher->ctx_size
++# endif
+ #endif
+ 
+ int
+diff -aurp old/cipher.h new/cipher.h
+--- old/cipher.h	2018-03-22 16:21:14.000000000 -1000
++++ new/cipher.h	2018-03-23 10:05:03.886621278 -1000
+@@ -46,7 +46,18 @@
+ #define CIPHER_DECRYPT		0
+ 
+ struct sshcipher;
++#if 0
++struct sshcipher_ctx {
++	int	plaintext;
++	int	encrypt;
++	EVP_CIPHER_CTX *evp;
++	struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
++	struct aesctr_ctx ac_ctx; /* XXX union with evp? */
++	const struct sshcipher *cipher;
++};
++#else
+ struct sshcipher_ctx;
++#endif
+ 
+ const struct sshcipher *cipher_by_name(const char *);
+ const char *cipher_warning_message(const struct sshcipher_ctx *);
+diff -aurp old/configure new/configure
+--- old/configure	2018-03-23 03:30:17.000000000 -1000
++++ new/configure	2018-03-23 10:05:03.888621444 -1000
+@@ -13076,7 +13076,6 @@ if ac_fn_c_try_run "$LINENO"; then :
+ 				100*)   ;; # 1.0.x
+ 				200*)   ;; # LibreSSL
+ 			        *)
+-					as_fn_error $? "OpenSSL >= 1.1.0 is not yet supported (have \"$ssl_library_ver\")" "$LINENO" 5
+ 			                ;;
+ 			esac
+ 			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_library_ver" >&5
+diff -aurp old/dh.c new/dh.c
+--- old/dh.c	2018-03-22 16:21:14.000000000 -1000
++++ new/dh.c	2018-03-23 10:05:03.888621444 -1000
+@@ -211,14 +211,15 @@ choose_dh(int min, int wantbits, int max
+ /* diffie-hellman-groupN-sha1 */
+ 
+ int
+-dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
++dh_pub_is_valid(const DH *dh, const BIGNUM *dh_pub)
+ {
+ 	int i;
+ 	int n = BN_num_bits(dh_pub);
+ 	int bits_set = 0;
+ 	BIGNUM *tmp;
++	const BIGNUM *p;
+ 
+-	if (dh_pub->neg) {
++	if (BN_is_negative(dh_pub)) {
+ 		logit("invalid public DH value: negative");
+ 		return 0;
+ 	}
+@@ -231,7 +232,8 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
+ 		error("%s: BN_new failed", __func__);
+ 		return 0;
+ 	}
+-	if (!BN_sub(tmp, dh->p, BN_value_one()) ||
++	DH_get0_pqg(dh, &p, NULL, NULL);
++	if (!BN_sub(tmp, p, BN_value_one()) ||
+ 	    BN_cmp(dh_pub, tmp) != -1) {		/* pub_exp > p-2 */
+ 		BN_clear_free(tmp);
+ 		logit("invalid public DH value: >= p-1");
+@@ -242,14 +244,14 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
+ 	for (i = 0; i <= n; i++)
+ 		if (BN_is_bit_set(dh_pub, i))
+ 			bits_set++;
+-	debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
++	debug2("bits set: %d/%d", bits_set, BN_num_bits(p));
+ 
+ 	/*
+ 	 * if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial
+ 	 */
+ 	if (bits_set < 4) {
+ 		logit("invalid public DH value (%d/%d)",
+-		   bits_set, BN_num_bits(dh->p));
++		   bits_set, BN_num_bits(p));
+ 		return 0;
+ 	}
+ 	return 1;
+@@ -259,9 +261,13 @@ int
+ dh_gen_key(DH *dh, int need)
+ {
+ 	int pbits;
++	const BIGNUM *p, *pub_key;
++	BIGNUM *priv_key;
+ 
+-	if (need < 0 || dh->p == NULL ||
+-	    (pbits = BN_num_bits(dh->p)) <= 0 ||
++	DH_get0_pqg(dh, &p, NULL, NULL);
++
++	if (need < 0 || p == NULL ||
++	    (pbits = BN_num_bits(p)) <= 0 ||
+ 	    need > INT_MAX / 2 || 2 * need > pbits)
+ 		return SSH_ERR_INVALID_ARGUMENT;
+ 	if (need < 256)
+@@ -270,10 +276,13 @@ dh_gen_key(DH *dh, int need)
+ 	 * Pollard Rho, Big step/Little Step attacks are O(sqrt(n)),
+ 	 * so double requested need here.
+ 	 */
+-	dh->length = MINIMUM(need * 2, pbits - 1);
+-	if (DH_generate_key(dh) == 0 ||
+-	    !dh_pub_is_valid(dh, dh->pub_key)) {
+-		BN_clear_free(dh->priv_key);
++	DH_set_length(dh, MIN(need * 2, pbits - 1));
++	if (DH_generate_key(dh) == 0) {
++		return SSH_ERR_LIBCRYPTO_ERROR;
++	}
++	DH_get0_key(dh, &pub_key, &priv_key);
++	if (!dh_pub_is_valid(dh, pub_key)) {
++		BN_clear(priv_key);
+ 		return SSH_ERR_LIBCRYPTO_ERROR;
+ 	}
+ 	return 0;
+@@ -282,16 +291,27 @@ dh_gen_key(DH *dh, int need)
+ DH *
+ dh_new_group_asc(const char *gen, const char *modulus)
+ {
+-	DH *dh;
++	DH *dh = NULL;
++	BIGNUM *p=NULL, *g=NULL;
+ 
+-	if ((dh = DH_new()) == NULL)
+-		return NULL;
+-	if (BN_hex2bn(&dh->p, modulus) == 0 ||
+-	    BN_hex2bn(&dh->g, gen) == 0) {
+-		DH_free(dh);
+-		return NULL;
++	if ((dh = DH_new()) == NULL ||
++	    (p = BN_new()) == NULL ||
++	    (g = BN_new()) == NULL)
++		goto null;
++	if (BN_hex2bn(&p, modulus) == 0 ||
++	    BN_hex2bn(&g, gen) == 0) {
++		goto null;
+ 	}
++	if (DH_set0_pqg(dh, p, NULL, g) == 0) {
++		goto null;
++	}
++	p = g = NULL;
+ 	return (dh);
++null:
++	BN_free(p);
++	BN_free(g);
++	DH_free(dh);
++	return NULL;
+ }
+ 
+ /*
+@@ -306,8 +326,8 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulu
+ 
+ 	if ((dh = DH_new()) == NULL)
+ 		return NULL;
+-	dh->p = modulus;
+-	dh->g = gen;
++	if (DH_set0_pqg(dh, modulus, NULL, gen) == 0)
++		return NULL;
+ 
+ 	return (dh);
+ }
+diff -aurp old/dh.h new/dh.h
+--- old/dh.h	2018-03-22 16:21:14.000000000 -1000
++++ new/dh.h	2018-03-23 10:05:03.889621527 -1000
+@@ -42,7 +42,7 @@ DH	*dh_new_group18(void);
+ DH	*dh_new_group_fallback(int);
+ 
+ int	 dh_gen_key(DH *, int);
+-int	 dh_pub_is_valid(DH *, BIGNUM *);
++int	 dh_pub_is_valid(const DH *, const BIGNUM *);
+ 
+ u_int	 dh_estimate(int);
+ 
+diff -aurp old/digest-openssl.c new/digest-openssl.c
+--- old/digest-openssl.c	2018-03-22 16:21:14.000000000 -1000
++++ new/digest-openssl.c	2018-03-23 10:05:03.889621527 -1000
+@@ -43,7 +43,7 @@
+ 
+ struct ssh_digest_ctx {
+ 	int alg;
+-	EVP_MD_CTX mdctx;
++	EVP_MD_CTX *mdctx;
+ };
+ 
+ struct ssh_digest {
+@@ -106,20 +106,21 @@ ssh_digest_bytes(int alg)
+ size_t
+ ssh_digest_blocksize(struct ssh_digest_ctx *ctx)
+ {
+-	return EVP_MD_CTX_block_size(&ctx->mdctx);
++	return EVP_MD_CTX_block_size(ctx->mdctx);
+ }
+ 
+ struct ssh_digest_ctx *
+ ssh_digest_start(int alg)
+ {
+ 	const struct ssh_digest *digest = ssh_digest_by_alg(alg);
+-	struct ssh_digest_ctx *ret;
++	struct ssh_digest_ctx *ret = NULL;
+ 
+ 	if (digest == NULL || ((ret = calloc(1, sizeof(*ret))) == NULL))
+ 		return NULL;
+ 	ret->alg = alg;
+-	EVP_MD_CTX_init(&ret->mdctx);
+-	if (EVP_DigestInit_ex(&ret->mdctx, digest->mdfunc(), NULL) != 1) {
++	if ((ret->mdctx = EVP_MD_CTX_new()) == NULL ||
++	    EVP_DigestInit_ex(ret->mdctx, digest->mdfunc(), NULL) != 1) {
++		EVP_MD_CTX_free(ret->mdctx);
+ 		free(ret);
+ 		return NULL;
+ 	}
+@@ -132,7 +133,7 @@ ssh_digest_copy_state(struct ssh_digest_
+ 	if (from->alg != to->alg)
+ 		return SSH_ERR_INVALID_ARGUMENT;
+ 	/* we have bcopy-style order while openssl has memcpy-style */
+-	if (!EVP_MD_CTX_copy_ex(&to->mdctx, &from->mdctx))
++	if (!EVP_MD_CTX_copy_ex(to->mdctx, from->mdctx))
+ 		return SSH_ERR_LIBCRYPTO_ERROR;
+ 	return 0;
+ }
+@@ -140,7 +141,7 @@ ssh_digest_copy_state(struct ssh_digest_
+ int
+ ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen)
+ {
+-	if (EVP_DigestUpdate(&ctx->mdctx, m, mlen) != 1)
++	if (EVP_DigestUpdate(ctx->mdctx, m, mlen) != 1)
+ 		return SSH_ERR_LIBCRYPTO_ERROR;
+ 	return 0;
+ }
+@@ -161,7 +162,7 @@ ssh_digest_final(struct ssh_digest_ctx *
+ 		return SSH_ERR_INVALID_ARGUMENT;
+ 	if (dlen < digest->digest_len) /* No truncation allowed */
+ 		return SSH_ERR_INVALID_ARGUMENT;
+-	if (EVP_DigestFinal_ex(&ctx->mdctx, d, &l) != 1)
++	if (EVP_DigestFinal_ex(ctx->mdctx, d, &l) != 1)
+ 		return SSH_ERR_LIBCRYPTO_ERROR;
+ 	if (l != digest->digest_len) /* sanity */
+ 		return SSH_ERR_INTERNAL_ERROR;
+@@ -172,7 +173,7 @@ void
+ ssh_digest_free(struct ssh_digest_ctx *ctx)
+ {
+ 	if (ctx != NULL) {
+-		EVP_MD_CTX_cleanup(&ctx->mdctx);
++		EVP_MD_CTX_free(ctx->mdctx);
+ 		explicit_bzero(ctx, sizeof(*ctx));
+ 		free(ctx);
+ 	}
+diff -aurp old/kexdhc.c new/kexdhc.c
+--- old/kexdhc.c	2018-03-22 16:21:14.000000000 -1000
++++ new/kexdhc.c	2018-03-23 10:05:03.889621527 -1000
+@@ -81,11 +81,16 @@ kexdh_client(struct ssh *ssh)
+ 		goto out;
+ 	}
+ 	debug("sending SSH2_MSG_KEXDH_INIT");
+-	if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 ||
+-	    (r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 ||
+-	    (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 ||
++	{
++	const BIGNUM *pub_key;
++	if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
++		goto out;
++	DH_get0_key(kex->dh, &pub_key, NULL);
++	if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_INIT)) != 0 ||
++	    (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
+ 	    (r = sshpkt_send(ssh)) != 0)
+ 		goto out;
++	}
+ #ifdef DEBUG_KEXDH
+ 	DHparams_print_fp(stderr, kex->dh);
+ 	fprintf(stderr, "pub= ");
+@@ -169,6 +174,9 @@ input_kex_dh(int type, u_int32_t seq, st
+ 
+ 	/* calc and verify H */
+ 	hashlen = sizeof(hash);
++	{
++	const BIGNUM *pub_key;
++	DH_get0_key(kex->dh, &pub_key, NULL);
+ 	if ((r = kex_dh_hash(
+ 	    kex->hash_alg,
+ 	    kex->client_version_string,
+@@ -176,11 +184,13 @@ input_kex_dh(int type, u_int32_t seq, st
+ 	    sshbuf_ptr(kex->my), sshbuf_len(kex->my),
+ 	    sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
+ 	    server_host_key_blob, sbloblen,
+-	    kex->dh->pub_key,
++	    pub_key,
+ 	    dh_server_pub,
+ 	    shared_secret,
+-	    hash, &hashlen)) != 0)
++	    hash, &hashlen)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	if ((r = sshkey_verify(server_host_key, signature, slen, hash, hashlen,
+ 	    kex->hostkey_alg, ssh->compat)) != 0)
+diff -aurp old/kexdhs.c new/kexdhs.c
+--- old/kexdhs.c	2018-03-22 16:21:14.000000000 -1000
++++ new/kexdhs.c	2018-03-23 10:58:58.126733207 -1000
+@@ -163,6 +163,9 @@ input_kex_dh_init(int type, u_int32_t se
+ 		goto out;
+ 	/* calc H */
+ 	hashlen = sizeof(hash);
++	{
++	const BIGNUM *pub_key;
++	DH_get0_key(kex->dh, &pub_key, NULL);
+ 	if ((r = kex_dh_hash(
+ 	    kex->hash_alg,
+ 	    kex->client_version_string,
+@@ -171,10 +174,12 @@ input_kex_dh_init(int type, u_int32_t se
+ 	    sshbuf_ptr(kex->my), sshbuf_len(kex->my),
+ 	    server_host_key_blob, sbloblen,
+ 	    dh_client_pub,
+-	    kex->dh->pub_key,
++	    pub_key,
+ 	    shared_secret,
+-	    hash, &hashlen)) != 0)
++	    hash, &hashlen)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	/* save session id := H */
+ 	if (kex->session_id == NULL) {
+@@ -195,12 +200,17 @@ input_kex_dh_init(int type, u_int32_t se
+ 	/* destroy_sensitive_data(); */
+ 
+ 	/* send server hostkey, DH pubkey 'f' and singed H */
++	{
++	const BIGNUM *pub_key;
++	DH_get0_key(kex->dh, &pub_key, NULL);
+ 	if ((r = sshpkt_start(ssh, SSH2_MSG_KEXDH_REPLY)) != 0 ||
+ 	    (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
+-	    (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 ||	/* f */
++	    (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||	/* f */
+ 	    (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
+-	    (r = sshpkt_send(ssh)) != 0)
++	    (r = sshpkt_send(ssh)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+ 		r = kex_send_newkeys(ssh);
+diff -aurp old/kexgexc.c new/kexgexc.c
+--- old/kexgexc.c	2018-03-22 16:21:14.000000000 -1000
++++ new/kexgexc.c	2018-03-23 11:00:00.132866201 -1000
+@@ -118,11 +118,17 @@ input_kex_dh_gex_group(int type, u_int32
+ 	p = g = NULL; /* belong to kex->dh now */
+ 
+ 	/* generate and send 'e', client DH public key */
+-	if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0 ||
+-	    (r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 ||
+-	    (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 ||
+-	    (r = sshpkt_send(ssh)) != 0)
++	{
++	const BIGNUM *pub_key;
++	if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
++		goto out;
++	DH_get0_key(kex->dh, &pub_key, NULL);
++	if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_INIT)) != 0 ||
++	    (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||
++	    (r = sshpkt_send(ssh)) != 0) {
+ 		goto out;
++	}
++	}
+ 	debug("SSH2_MSG_KEX_DH_GEX_INIT sent");
+ #ifdef DEBUG_KEXDH
+ 	DHparams_print_fp(stderr, kex->dh);
+@@ -212,6 +218,10 @@ input_kex_dh_gex_reply(int type, u_int32
+ 
+ 	/* calc and verify H */
+ 	hashlen = sizeof(hash);
++	{
++	const BIGNUM *p, *g, *pub_key;
++	DH_get0_pqg(kex->dh, &p, NULL, &g);
++	DH_get0_key(kex->dh, &pub_key, NULL);
+ 	if ((r = kexgex_hash(
+ 	    kex->hash_alg,
+ 	    kex->client_version_string,
+@@ -220,12 +230,14 @@ input_kex_dh_gex_reply(int type, u_int32
+ 	    sshbuf_ptr(kex->peer), sshbuf_len(kex->peer),
+ 	    server_host_key_blob, sbloblen,
+ 	    kex->min, kex->nbits, kex->max,
+-	    kex->dh->p, kex->dh->g,
+-	    kex->dh->pub_key,
++	    p, g,
++	    pub_key,
+ 	    dh_server_pub,
+ 	    shared_secret,
+-	    hash, &hashlen)) != 0)
++	    hash, &hashlen)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	if ((r = sshkey_verify(server_host_key, signature, slen, hash,
+ 	    hashlen, kex->hostkey_alg, ssh->compat)) != 0)
+diff -aurp old/kexgexs.c new/kexgexs.c
+--- old/kexgexs.c	2018-03-22 16:21:14.000000000 -1000
++++ new/kexgexs.c	2018-03-23 11:03:06.045049721 -1000
+@@ -101,11 +101,16 @@ input_kex_dh_gex_request(int type, u_int
+ 		goto out;
+ 	}
+ 	debug("SSH2_MSG_KEX_DH_GEX_GROUP sent");
++	{
++	const BIGNUM *p, *g;
++	DH_get0_pqg(kex->dh, &p, NULL, &g);
+ 	if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_GROUP)) != 0 ||
+-	    (r = sshpkt_put_bignum2(ssh, kex->dh->p)) != 0 ||
+-	    (r = sshpkt_put_bignum2(ssh, kex->dh->g)) != 0 ||
+-	    (r = sshpkt_send(ssh)) != 0)
++	    (r = sshpkt_put_bignum2(ssh, p)) != 0 ||
++	    (r = sshpkt_put_bignum2(ssh, g)) != 0 ||
++	    (r = sshpkt_send(ssh)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	/* Compute our exchange value in parallel with the client */
+ 	if ((r = dh_gen_key(kex->dh, kex->we_need * 8)) != 0)
+@@ -191,6 +196,10 @@ input_kex_dh_gex_init(int type, u_int32_
+ 		goto out;
+ 	/* calc H */
+ 	hashlen = sizeof(hash);
++	{
++	const BIGNUM *p, *g, *pub_key;
++	DH_get0_pqg(kex->dh, &p, NULL, &g);
++	DH_get0_key(kex->dh, &pub_key, NULL);
+ 	if ((r = kexgex_hash(
+ 	    kex->hash_alg,
+ 	    kex->client_version_string,
+@@ -199,12 +208,14 @@ input_kex_dh_gex_init(int type, u_int32_
+ 	    sshbuf_ptr(kex->my), sshbuf_len(kex->my),
+ 	    server_host_key_blob, sbloblen,
+ 	    kex->min, kex->nbits, kex->max,
+-	    kex->dh->p, kex->dh->g,
++	    p, g,
+ 	    dh_client_pub,
+-	    kex->dh->pub_key,
++	    pub_key,
+ 	    shared_secret,
+-	    hash, &hashlen)) != 0)
++	    hash, &hashlen)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	/* save session id := H */
+ 	if (kex->session_id == NULL) {
+@@ -225,12 +236,17 @@ input_kex_dh_gex_init(int type, u_int32_
+ 	/* destroy_sensitive_data(); */
+ 
+ 	/* send server hostkey, DH pubkey 'f' and singed H */
++	{
++	const BIGNUM *pub_key;
++	DH_get0_key(kex->dh, &pub_key, NULL);
+ 	if ((r = sshpkt_start(ssh, SSH2_MSG_KEX_DH_GEX_REPLY)) != 0 ||
+ 	    (r = sshpkt_put_string(ssh, server_host_key_blob, sbloblen)) != 0 ||
+-	    (r = sshpkt_put_bignum2(ssh, kex->dh->pub_key)) != 0 ||     /* f */
++	    (r = sshpkt_put_bignum2(ssh, pub_key)) != 0 ||     /* f */
+ 	    (r = sshpkt_put_string(ssh, signature, slen)) != 0 ||
+-	    (r = sshpkt_send(ssh)) != 0)
++	    (r = sshpkt_send(ssh)) != 0) {
+ 		goto out;
++	}
++	}
+ 
+ 	if ((r = kex_derive_keys_bn(ssh, hash, hashlen, shared_secret)) == 0)
+ 		r = kex_send_newkeys(ssh);
+diff -aurp old/monitor.c new/monitor.c
+--- old/monitor.c	2018-03-22 16:21:14.000000000 -1000
++++ new/monitor.c	2018-03-23 10:05:03.890621610 -1000
+@@ -595,10 +595,12 @@ mm_answer_moduli(int sock, Buffer *m)
+ 		buffer_put_char(m, 0);
+ 		return (0);
+ 	} else {
++		const BIGNUM *p, *g;
++		DH_get0_pqg(dh, &p, NULL, &g);
+ 		/* Send first bignum */
+ 		buffer_put_char(m, 1);
+-		buffer_put_bignum2(m, dh->p);
+-		buffer_put_bignum2(m, dh->g);
++		buffer_put_bignum2(m, p);
++		buffer_put_bignum2(m, g);
+ 
+ 		DH_free(dh);
+ 	}
+diff -aurp old/openbsd-compat/openssl-compat.c new/openbsd-compat/openssl-compat.c
+--- old/openbsd-compat/openssl-compat.c	2018-03-22 16:21:14.000000000 -1000
++++ new/openbsd-compat/openssl-compat.c	2018-03-23 10:05:03.890621610 -1000
+@@ -75,7 +75,6 @@ ssh_OpenSSL_add_all_algorithms(void)
+ 	/* Enable use of crypto hardware */
+ 	ENGINE_load_builtin_engines();
+ 	ENGINE_register_all_complete();
+-	OPENSSL_config(NULL);
+ }
+ #endif
+ 
+diff -aurp old/regress/unittests/sshkey/test_file.c new/regress/unittests/sshkey/test_file.c
+--- old/regress/unittests/sshkey/test_file.c	2018-03-22 16:21:14.000000000 -1000
++++ new/regress/unittests/sshkey/test_file.c	2018-03-23 10:05:03.890621610 -1000
+@@ -60,9 +60,14 @@ sshkey_file_tests(void)
+ 	a = load_bignum("rsa_1.param.n");
+ 	b = load_bignum("rsa_1.param.p");
+ 	c = load_bignum("rsa_1.param.q");
+-	ASSERT_BIGNUM_EQ(k1->rsa->n, a);
+-	ASSERT_BIGNUM_EQ(k1->rsa->p, b);
+-	ASSERT_BIGNUM_EQ(k1->rsa->q, c);
++	{
++	const BIGNUM *n, *p, *q;
++	RSA_get0_key(k1->rsa, &n, NULL, NULL);
++	RSA_get0_factors(k1->rsa, &p, &q);
++	ASSERT_BIGNUM_EQ(n, a);
++	ASSERT_BIGNUM_EQ(p, b);
++	ASSERT_BIGNUM_EQ(q, c);
++	}
+ 	BN_free(a);
+ 	BN_free(b);
+ 	BN_free(c);
+@@ -151,9 +156,14 @@ sshkey_file_tests(void)
+ 	a = load_bignum("dsa_1.param.g");
+ 	b = load_bignum("dsa_1.param.priv");
+ 	c = load_bignum("dsa_1.param.pub");
+-	ASSERT_BIGNUM_EQ(k1->dsa->g, a);
+-	ASSERT_BIGNUM_EQ(k1->dsa->priv_key, b);
+-	ASSERT_BIGNUM_EQ(k1->dsa->pub_key, c);
++	{
++	const BIGNUM *g, *priv_key, *pub_key;
++	DSA_get0_pqg(k1->dsa, NULL, NULL, &g);
++	DSA_get0_key(k1->dsa, &pub_key, &priv_key);
++	ASSERT_BIGNUM_EQ(g, a);
++	ASSERT_BIGNUM_EQ(priv_key, b);
++	ASSERT_BIGNUM_EQ(pub_key, c);
++	}
+ 	BN_free(a);
+ 	BN_free(b);
+ 	BN_free(c);
+diff -aurp old/regress/unittests/sshkey/test_sshkey.c new/regress/unittests/sshkey/test_sshkey.c
+--- old/regress/unittests/sshkey/test_sshkey.c	2018-03-22 16:21:14.000000000 -1000
++++ new/regress/unittests/sshkey/test_sshkey.c	2018-03-23 10:05:03.890621610 -1000
+@@ -197,9 +197,14 @@ sshkey_tests(void)
+ 	k1 = sshkey_new(KEY_RSA);
+ 	ASSERT_PTR_NE(k1, NULL);
+ 	ASSERT_PTR_NE(k1->rsa, NULL);
+-	ASSERT_PTR_NE(k1->rsa->n, NULL);
+-	ASSERT_PTR_NE(k1->rsa->e, NULL);
+-	ASSERT_PTR_EQ(k1->rsa->p, NULL);
++	{
++	const BIGNUM *n, *e, *p;
++	RSA_get0_key(k1->rsa, &n, &e, NULL);
++	RSA_get0_factors(k1->rsa, &p, NULL);
++	ASSERT_PTR_NE(n, NULL);
++	ASSERT_PTR_NE(e, NULL);
++	ASSERT_PTR_EQ(p, NULL);
++	}
+ 	sshkey_free(k1);
+ 	TEST_DONE();
+ 
+@@ -207,8 +212,13 @@ sshkey_tests(void)
+ 	k1 = sshkey_new(KEY_DSA);
+ 	ASSERT_PTR_NE(k1, NULL);
+ 	ASSERT_PTR_NE(k1->dsa, NULL);
+-	ASSERT_PTR_NE(k1->dsa->g, NULL);
+-	ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
++	{
++	const BIGNUM *g, *priv_key;
++	DSA_get0_pqg(k1->dsa, NULL, NULL, &g);
++	DSA_get0_key(k1->dsa, NULL, &priv_key);
++	ASSERT_PTR_NE(g, NULL);
++	ASSERT_PTR_EQ(priv_key, NULL);
++	}
+ 	sshkey_free(k1);
+ 	TEST_DONE();
+ 
+@@ -234,9 +244,14 @@ sshkey_tests(void)
+ 	k1 = sshkey_new_private(KEY_RSA);
+ 	ASSERT_PTR_NE(k1, NULL);
+ 	ASSERT_PTR_NE(k1->rsa, NULL);
+-	ASSERT_PTR_NE(k1->rsa->n, NULL);
+-	ASSERT_PTR_NE(k1->rsa->e, NULL);
+-	ASSERT_PTR_NE(k1->rsa->p, NULL);
++	{
++	const BIGNUM *n, *e, *p;
++	RSA_get0_key(k1->rsa, &n, &e, NULL);
++	RSA_get0_factors(k1->rsa, &p, NULL);
++	ASSERT_PTR_NE(n, NULL);
++	ASSERT_PTR_NE(e, NULL);
++	ASSERT_PTR_NE(p, NULL);
++	}
+ 	ASSERT_INT_EQ(sshkey_add_private(k1), 0);
+ 	sshkey_free(k1);
+ 	TEST_DONE();
+@@ -245,8 +260,13 @@ sshkey_tests(void)
+ 	k1 = sshkey_new_private(KEY_DSA);
+ 	ASSERT_PTR_NE(k1, NULL);
+ 	ASSERT_PTR_NE(k1->dsa, NULL);
+-	ASSERT_PTR_NE(k1->dsa->g, NULL);
+-	ASSERT_PTR_NE(k1->dsa->priv_key, NULL);
++	{
++	const BIGNUM *g, *priv_key;
++	DSA_get0_pqg(k1->dsa, NULL, NULL, &g);
++	DSA_get0_key(k1->dsa, NULL, &priv_key);
++	ASSERT_PTR_NE(g, NULL);
++	ASSERT_PTR_NE(priv_key, NULL);
++	}
+ 	ASSERT_INT_EQ(sshkey_add_private(k1), 0);
+ 	sshkey_free(k1);
+ 	TEST_DONE();
+@@ -285,18 +305,28 @@ sshkey_tests(void)
+ 	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &kr), 0);
+ 	ASSERT_PTR_NE(kr, NULL);
+ 	ASSERT_PTR_NE(kr->rsa, NULL);
+-	ASSERT_PTR_NE(kr->rsa->n, NULL);
+-	ASSERT_PTR_NE(kr->rsa->e, NULL);
+-	ASSERT_PTR_NE(kr->rsa->p, NULL);
+-	ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 1024);
++	{
++	const BIGNUM *n, *e, *p;
++	RSA_get0_key(kr->rsa, &n, &e, NULL);
++	RSA_get0_factors(kr->rsa, &p, NULL);
++	ASSERT_PTR_NE(n, NULL);
++	ASSERT_PTR_NE(e, NULL);
++	ASSERT_PTR_NE(p, NULL);
++	ASSERT_INT_EQ(BN_num_bits(n), 1024);
++	}
+ 	TEST_DONE();
+ 
+ 	TEST_START("generate KEY_DSA");
+ 	ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &kd), 0);
+ 	ASSERT_PTR_NE(kd, NULL);
+ 	ASSERT_PTR_NE(kd->dsa, NULL);
+-	ASSERT_PTR_NE(kd->dsa->g, NULL);
+-	ASSERT_PTR_NE(kd->dsa->priv_key, NULL);
++	{
++	const BIGNUM *g, *priv_key;
++	DSA_get0_pqg(kd->dsa, NULL, NULL, &g);
++	DSA_get0_key(kd->dsa, NULL, &priv_key);
++	ASSERT_PTR_NE(g, NULL);
++	ASSERT_PTR_NE(priv_key, NULL);
++	}
+ 	TEST_DONE();
+ 
+ #ifdef OPENSSL_HAS_ECC
+@@ -323,9 +353,14 @@ sshkey_tests(void)
+ 	ASSERT_PTR_NE(kr, k1);
+ 	ASSERT_INT_EQ(k1->type, KEY_RSA);
+ 	ASSERT_PTR_NE(k1->rsa, NULL);
+-	ASSERT_PTR_NE(k1->rsa->n, NULL);
+-	ASSERT_PTR_NE(k1->rsa->e, NULL);
+-	ASSERT_PTR_EQ(k1->rsa->p, NULL);
++	{
++	const BIGNUM *n, *e, *p;
++	RSA_get0_key(k1->rsa, &n, &e, NULL);
++	RSA_get0_factors(k1->rsa, &p, NULL);
++	ASSERT_PTR_NE(n, NULL);
++	ASSERT_PTR_NE(e, NULL);
++	ASSERT_PTR_EQ(p, NULL);
++	}
+ 	TEST_DONE();
+ 
+ 	TEST_START("equal KEY_RSA/demoted KEY_RSA");
+@@ -339,8 +374,13 @@ sshkey_tests(void)
+ 	ASSERT_PTR_NE(kd, k1);
+ 	ASSERT_INT_EQ(k1->type, KEY_DSA);
+ 	ASSERT_PTR_NE(k1->dsa, NULL);
+-	ASSERT_PTR_NE(k1->dsa->g, NULL);
+-	ASSERT_PTR_EQ(k1->dsa->priv_key, NULL);
++	{
++	const BIGNUM *g, *priv_key;
++	DSA_get0_pqg(k1->dsa, NULL, NULL, &g);
++	DSA_get0_key(k1->dsa, NULL, &priv_key);
++	ASSERT_PTR_NE(g, NULL);
++	ASSERT_PTR_EQ(priv_key, NULL);
++	}
+ 	TEST_DONE();
+ 
+ 	TEST_START("equal KEY_DSA/demoted KEY_DSA");
+diff -aurp old/ssh-dss.c new/ssh-dss.c
+--- old/ssh-dss.c	2018-03-22 16:21:14.000000000 -1000
++++ new/ssh-dss.c	2018-03-23 10:05:03.891621693 -1000
+@@ -53,6 +53,7 @@ ssh_dss_sign(const struct sshkey *key, u
+ 	DSA_SIG *sig = NULL;
+ 	u_char digest[SSH_DIGEST_MAX_LENGTH], sigblob[SIGBLOB_LEN];
+ 	size_t rlen, slen, len, dlen = ssh_digest_bytes(SSH_DIGEST_SHA1);
++	const BIGNUM *r, *s;
+ 	struct sshbuf *b = NULL;
+ 	int ret = SSH_ERR_INVALID_ARGUMENT;
+ 
+@@ -76,15 +77,16 @@ ssh_dss_sign(const struct sshkey *key, u
+ 		goto out;
+ 	}
+ 
+-	rlen = BN_num_bytes(sig->r);
+-	slen = BN_num_bytes(sig->s);
++	DSA_SIG_get0(sig, &r, &s);
++	rlen = BN_num_bytes(r);
++	slen = BN_num_bytes(s);
+ 	if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
+ 		ret = SSH_ERR_INTERNAL_ERROR;
+ 		goto out;
+ 	}
+ 	explicit_bzero(sigblob, SIGBLOB_LEN);
+-	BN_bn2bin(sig->r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen);
+-	BN_bn2bin(sig->s, sigblob + SIGBLOB_LEN - slen);
++	BN_bn2bin(r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen);
++	BN_bn2bin(s, sigblob + SIGBLOB_LEN - slen);
+ 
+ 	if ((b = sshbuf_new()) == NULL) {
+ 		ret = SSH_ERR_ALLOC_FAIL;
+@@ -154,17 +156,26 @@ ssh_dss_verify(const struct sshkey *key,
+ 	}
+ 
+ 	/* parse signature */
++	{
++	BIGNUM *r=NULL, *s=NULL;
+ 	if ((sig = DSA_SIG_new()) == NULL ||
+-	    (sig->r = BN_new()) == NULL ||
+-	    (sig->s = BN_new()) == NULL) {
++	    (r = BN_new()) == NULL ||
++	    (s = BN_new()) == NULL) {
+ 		ret = SSH_ERR_ALLOC_FAIL;
++		BN_free(r);
++		BN_free(s);
+ 		goto out;
+ 	}
+-	if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) ||
+-	    (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL)) {
++	if ((BN_bin2bn(sigblob, INTBLOB_LEN, r) == NULL) ||
++	    (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, s) == NULL)) {
+ 		ret = SSH_ERR_LIBCRYPTO_ERROR;
++		BN_free(r);
++		BN_free(s);
+ 		goto out;
+ 	}
++	DSA_SIG_set0(sig, r, s);
++	r = s = NULL;
++	}
+ 
+ 	/* sha1 the data */
+ 	if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen,
+diff -aurp old/ssh-ecdsa.c new/ssh-ecdsa.c
+--- old/ssh-ecdsa.c	2018-03-22 16:21:14.000000000 -1000
++++ new/ssh-ecdsa.c	2018-03-23 10:05:03.891621693 -1000
+@@ -80,9 +80,14 @@ ssh_ecdsa_sign(const struct sshkey *key,
+ 		ret = SSH_ERR_ALLOC_FAIL;
+ 		goto out;
+ 	}
+-	if ((ret = sshbuf_put_bignum2(bb, sig->r)) != 0 ||
+-	    (ret = sshbuf_put_bignum2(bb, sig->s)) != 0)
++	{
++	const BIGNUM *r, *s;
++	ECDSA_SIG_get0(sig, &r, &s);
++	if ((ret = sshbuf_put_bignum2(bb, r)) != 0 ||
++	    (ret = sshbuf_put_bignum2(bb, s)) != 0) {
+ 		goto out;
++	}
++	}
+ 	if ((ret = sshbuf_put_cstring(b, sshkey_ssh_name_plain(key))) != 0 ||
+ 	    (ret = sshbuf_put_stringb(b, bb)) != 0)
+ 		goto out;
+@@ -150,11 +155,27 @@ ssh_ecdsa_verify(const struct sshkey *ke
+ 		ret = SSH_ERR_ALLOC_FAIL;
+ 		goto out;
+ 	}
+-	if (sshbuf_get_bignum2(sigbuf, sig->r) != 0 ||
+-	    sshbuf_get_bignum2(sigbuf, sig->s) != 0) {
++	{
++	BIGNUM *r=NULL, *s=NULL;
++	if ((r = BN_new()) == NULL ||
++	    (s = BN_new()) == NULL) {
++		ret = SSH_ERR_ALLOC_FAIL;
++		goto out_rs;
++	}
++	if (sshbuf_get_bignum2(sigbuf, r) != 0 ||
++	    sshbuf_get_bignum2(sigbuf, s) != 0) {
+ 		ret = SSH_ERR_INVALID_FORMAT;
++		goto out_rs;
++	}
++	if (ECDSA_SIG_set0(sig, r, s) == 0) {
++		ret = SSH_ERR_LIBCRYPTO_ERROR;
++out_rs:
++		BN_free(r);
++		BN_free(s);
+ 		goto out;
+ 	}
++	r = s = NULL;
++	}
+ 	if (sshbuf_len(sigbuf) != 0) {
+ 		ret = SSH_ERR_UNEXPECTED_TRAILING_DATA;
+ 		goto out;
+diff -aurp old/ssh-keygen.c new/ssh-keygen.c
+--- old/ssh-keygen.c	2018-03-22 16:21:14.000000000 -1000
++++ new/ssh-keygen.c	2018-03-23 10:05:03.891621693 -1000
+@@ -493,11 +493,33 @@ do_convert_private_ssh2_from_blob(u_char
+ 
+ 	switch (key->type) {
+ 	case KEY_DSA:
+-		buffer_get_bignum_bits(b, key->dsa->p);
+-		buffer_get_bignum_bits(b, key->dsa->g);
+-		buffer_get_bignum_bits(b, key->dsa->q);
+-		buffer_get_bignum_bits(b, key->dsa->pub_key);
+-		buffer_get_bignum_bits(b, key->dsa->priv_key);
++		{
++		BIGNUM *p=NULL, *g=NULL, *q=NULL, *pub_key=NULL, *priv_key=NULL;
++		if ((p=BN_new()) == NULL ||
++		    (g=BN_new()) == NULL ||
++		    (q=BN_new()) == NULL ||
++		    (pub_key=BN_new()) == NULL ||
++		    (priv_key=BN_new()) == NULL) {
++			BN_free(p);
++			BN_free(g);
++			BN_free(q);
++			BN_free(pub_key);
++			BN_free(priv_key);
++			return NULL;
++		}
++		buffer_get_bignum_bits(b, p);
++		buffer_get_bignum_bits(b, g);
++		buffer_get_bignum_bits(b, q);
++		buffer_get_bignum_bits(b, pub_key);
++		buffer_get_bignum_bits(b, priv_key);
++		if (DSA_set0_pqg(key->dsa, p, q, g) == 0 ||
++		    DSA_set0_key(key->dsa, pub_key, priv_key) == 0) {
++			fatal("failed to set DSA key");
++			BN_free(p); BN_free(g); BN_free(q);
++			BN_free(pub_key); BN_free(priv_key);
++			return NULL;
++		}
++		}
+ 		break;
+ 	case KEY_RSA:
+ 		if ((r = sshbuf_get_u8(b, &e1)) != 0 ||
+@@ -514,16 +536,52 @@ do_convert_private_ssh2_from_blob(u_char
+ 			e += e3;
+ 			debug("e %lx", e);
+ 		}
+-		if (!BN_set_word(key->rsa->e, e)) {
++		{
++		BIGNUM *rsa_e = NULL;
++		BIGNUM *d=NULL, *n=NULL, *iqmp=NULL, *q=NULL, *p=NULL;
++		BIGNUM *dmp1=NULL, *dmq1=NULL; /* dummy input to set in RSA_set0_crt_params */
++		rsa_e = BN_new();
++		if (!rsa_e || !BN_set_word(rsa_e, e)) {
++			if (rsa_e) BN_free(rsa_e);
+ 			sshbuf_free(b);
+ 			sshkey_free(key);
+ 			return NULL;
+ 		}
+-		buffer_get_bignum_bits(b, key->rsa->d);
+-		buffer_get_bignum_bits(b, key->rsa->n);
+-		buffer_get_bignum_bits(b, key->rsa->iqmp);
+-		buffer_get_bignum_bits(b, key->rsa->q);
+-		buffer_get_bignum_bits(b, key->rsa->p);
++		if ((d=BN_new()) == NULL ||
++		    (n=BN_new()) == NULL ||
++		    (iqmp=BN_new()) == NULL ||
++		    (q=BN_new()) == NULL ||
++		    (p=BN_new()) == NULL ||
++		    (dmp1=BN_new()) == NULL ||
++		    (dmq1=BN_new()) == NULL) {
++			BN_free(d); BN_free(n); BN_free(iqmp);
++			BN_free(q); BN_free(p);
++			BN_free(dmp1); BN_free(dmq1);
++			return NULL;
++		}
++		BN_clear(dmp1); BN_clear(dmq1);
++		buffer_get_bignum_bits(b, d);
++		buffer_get_bignum_bits(b, n);
++		buffer_get_bignum_bits(b, iqmp);
++		buffer_get_bignum_bits(b, q);
++		buffer_get_bignum_bits(b, p);
++		if (RSA_set0_key(key->rsa, n, rsa_e, d) == 0)
++			goto null;
++		n = d = NULL;
++		if (RSA_set0_factors(key->rsa, p, q) == 0)
++			goto null;
++		p = q = NULL;
++		/* dmp1, dmq1 should not be NULL for initial set0 */
++		if (RSA_set0_crt_params(key->rsa, dmp1, dmq1, iqmp) == 0) {
++ null:
++			fatal("Failed to set RSA parameters");
++			BN_free(d); BN_free(n); BN_free(iqmp);
++			BN_free(q); BN_free(p);
++			BN_free(dmp1); BN_free(dmq1);
++			return NULL;
++		}
++		dmp1 = dmq1 = iqmp = NULL;
++		}
+ 		if ((r = ssh_rsa_generate_additional_parameters(key)) != 0)
+ 			fatal("generate RSA parameters failed: %s", ssh_err(r));
+ 		break;
+@@ -633,7 +691,7 @@ do_convert_from_pkcs8(struct sshkey **k,
+ 		    identity_file);
+ 	}
+ 	fclose(fp);
+-	switch (EVP_PKEY_type(pubkey->type)) {
++	switch (EVP_PKEY_type(EVP_PKEY_id(pubkey))) {
+ 	case EVP_PKEY_RSA:
+ 		if ((*k = sshkey_new(KEY_UNSPEC)) == NULL)
+ 			fatal("sshkey_new failed");
+@@ -657,7 +715,7 @@ do_convert_from_pkcs8(struct sshkey **k,
+ #endif
+ 	default:
+ 		fatal("%s: unsupported pubkey type %d", __func__,
+-		    EVP_PKEY_type(pubkey->type));
++		    EVP_PKEY_type(EVP_PKEY_id(pubkey)));
+ 	}
+ 	EVP_PKEY_free(pubkey);
+ 	return;
+diff -aurp old/ssh-pkcs11-client.c new/ssh-pkcs11-client.c
+--- old/ssh-pkcs11-client.c	2018-03-22 16:21:14.000000000 -1000
++++ new/ssh-pkcs11-client.c	2018-03-23 10:05:03.892621777 -1000
+@@ -144,12 +144,13 @@ pkcs11_rsa_private_encrypt(int flen, con
+ static int
+ wrap_key(RSA *rsa)
+ {
+-	static RSA_METHOD helper_rsa;
++	static RSA_METHOD *helper_rsa;
+ 
+-	memcpy(&helper_rsa, RSA_get_default_method(), sizeof(helper_rsa));
+-	helper_rsa.name = "ssh-pkcs11-helper";
+-	helper_rsa.rsa_priv_enc = pkcs11_rsa_private_encrypt;
+-	RSA_set_method(rsa, &helper_rsa);
++	if ((helper_rsa = RSA_meth_dup(RSA_get_default_method())) == NULL)
++		return (-1); /* XXX but caller isn't checking */
++	RSA_meth_set1_name(helper_rsa, "ssh-pkcs11-helper");
++	RSA_meth_set_priv_enc(helper_rsa, pkcs11_rsa_private_encrypt);
++	RSA_set_method(rsa, helper_rsa);
+ 	return (0);
+ }
+ 
+diff -aurp old/ssh-pkcs11.c new/ssh-pkcs11.c
+--- old/ssh-pkcs11.c	2018-03-22 16:21:14.000000000 -1000
++++ new/ssh-pkcs11.c	2018-03-23 10:05:03.892621777 -1000
+@@ -67,7 +67,7 @@ struct pkcs11_key {
+ 	struct pkcs11_provider	*provider;
+ 	CK_ULONG		slotidx;
+ 	int			(*orig_finish)(RSA *rsa);
+-	RSA_METHOD		rsa_method;
++	RSA_METHOD		*rsa_method;
+ 	char			*keyid;
+ 	int			keyid_len;
+ };
+@@ -326,13 +326,15 @@ pkcs11_rsa_wrap(struct pkcs11_provider *
+ 		k11->keyid = xmalloc(k11->keyid_len);
+ 		memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
+ 	}
+-	k11->orig_finish = def->finish;
+-	memcpy(&k11->rsa_method, def, sizeof(k11->rsa_method));
+-	k11->rsa_method.name = "pkcs11";
+-	k11->rsa_method.rsa_priv_enc = pkcs11_rsa_private_encrypt;
+-	k11->rsa_method.rsa_priv_dec = pkcs11_rsa_private_decrypt;
+-	k11->rsa_method.finish = pkcs11_rsa_finish;
+-	RSA_set_method(rsa, &k11->rsa_method);
++	k11->orig_finish = RSA_meth_get_finish(def);
++
++	if ((k11->rsa_method = RSA_meth_new("pkcs11", RSA_meth_get_flags(def))) == NULL)
++		return -1;
++	RSA_meth_set_priv_enc(k11->rsa_method, pkcs11_rsa_private_encrypt);
++	RSA_meth_set_priv_dec(k11->rsa_method, pkcs11_rsa_private_decrypt);
++	RSA_meth_set_finish(k11->rsa_method, pkcs11_rsa_finish);
++
++	RSA_set_method(rsa, k11->rsa_method);
+ 	RSA_set_app_data(rsa, k11);
+ 	return (0);
+ }
+@@ -512,10 +514,19 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
+ 			if ((rsa = RSA_new()) == NULL) {
+ 				error("RSA_new failed");
+ 			} else {
+-				rsa->n = BN_bin2bn(attribs[1].pValue,
+-				    attribs[1].ulValueLen, NULL);
+-				rsa->e = BN_bin2bn(attribs[2].pValue,
+-				    attribs[2].ulValueLen, NULL);
++				BIGNUM *n=NULL, *e=NULL;
++				n = BN_new();
++				e = BN_new();
++				if (n == NULL || e == NULL)
++					error("BN_new alloc failed");
++				if (BN_bin2bn(attribs[1].pValue,
++				      attribs[1].ulValueLen, n) == NULL ||
++				    BN_bin2bn(attribs[2].pValue,
++				      attribs[2].ulValueLen, e) == NULL)
++					error("BN_bin2bn failed");
++				if (RSA_set0_key(rsa, n, e, NULL) == 0)
++					error("RSA_set0_key failed");
++				n = e = NULL;
+ 			}
+ 		} else {
+ 			cp = attribs[2].pValue;
+@@ -525,16 +536,19 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
+ 			    == NULL) {
+ 				error("d2i_X509 failed");
+ 			} else if ((evp = X509_get_pubkey(x509)) == NULL ||
+-			    evp->type != EVP_PKEY_RSA ||
+-			    evp->pkey.rsa == NULL) {
++			    EVP_PKEY_id(evp) != EVP_PKEY_RSA ||
++			    EVP_PKEY_get0_RSA(evp) == NULL) {
+ 				debug("X509_get_pubkey failed or no rsa");
+-			} else if ((rsa = RSAPublicKey_dup(evp->pkey.rsa))
++			} else if ((rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(evp)))
+ 			    == NULL) {
+ 				error("RSAPublicKey_dup");
+ 			}
+ 			X509_free(x509);
+ 		}
+-		if (rsa && rsa->n && rsa->e &&
++		{
++		const BIGNUM *n, *e;
++		RSA_get0_key(rsa, &n, &e, NULL);
++		if (rsa && n && e &&
+ 		    pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) {
+ 			if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
+ 				fatal("sshkey_new failed");
+@@ -554,6 +568,7 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
+ 		} else if (rsa) {
+ 			RSA_free(rsa);
+ 		}
++		}
+ 		for (i = 0; i < 3; i++)
+ 			free(attribs[i].pValue);
+ 	}
+diff -aurp old/ssh-rsa.c new/ssh-rsa.c
+--- old/ssh-rsa.c	2018-03-22 16:21:14.000000000 -1000
++++ new/ssh-rsa.c	2018-03-23 10:05:03.892621777 -1000
+@@ -84,7 +84,6 @@ ssh_rsa_generate_additional_parameters(s
+ {
+ 	BIGNUM *aux = NULL;
+ 	BN_CTX *ctx = NULL;
+-	BIGNUM d;
+ 	int r;
+ 
+ 	if (key == NULL || key->rsa == NULL ||
+@@ -99,16 +98,27 @@ ssh_rsa_generate_additional_parameters(s
+ 	}
+ 	BN_set_flags(aux, BN_FLG_CONSTTIME);
+ 
+-	BN_init(&d);
+-	BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME);
+-
+-	if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) ||
+-	    (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) ||
+-	    (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) ||
+-	    (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) {
++	{
++	const BIGNUM *q, *d, *p;
++	BIGNUM *dmq1=NULL, *dmp1=NULL;
++	if ((dmq1 = BN_new()) == NULL ||
++	    (dmp1 = BN_new()) == NULL ) {
++		r = SSH_ERR_ALLOC_FAIL;
++		goto out;
++	}
++	RSA_get0_key(key->rsa, NULL, NULL, &d);
++	RSA_get0_factors(key->rsa, &p, &q);
++	if ((BN_sub(aux, q, BN_value_one()) == 0) ||
++	    (BN_mod(dmq1, d, aux, ctx) == 0) ||
++	    (BN_sub(aux, p, BN_value_one()) == 0) ||
++	    (BN_mod(dmp1, d, aux, ctx) == 0) ||
++	    RSA_set0_crt_params(key->rsa, dmp1, dmq1, NULL) == 0) {
+ 		r = SSH_ERR_LIBCRYPTO_ERROR;
++		BN_clear_free(dmp1);
++		BN_clear_free(dmq1);
+ 		goto out;
+ 	}
++	}
+ 	r = 0;
+  out:
+ 	BN_clear_free(aux);
+@@ -139,7 +149,7 @@ ssh_rsa_sign(const struct sshkey *key, u
+ 	if (key == NULL || key->rsa == NULL || hash_alg == -1 ||
+ 	    sshkey_type_plain(key->type) != KEY_RSA)
+ 		return SSH_ERR_INVALID_ARGUMENT;
+-	if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE)
++	if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE)
+ 		return SSH_ERR_KEY_LENGTH;
+ 	slen = RSA_size(key->rsa);
+ 	if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM)
+@@ -211,7 +221,7 @@ ssh_rsa_verify(const struct sshkey *key,
+ 	    sshkey_type_plain(key->type) != KEY_RSA ||
+ 	    sig == NULL || siglen == 0)
+ 		return SSH_ERR_INVALID_ARGUMENT;
+-	if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE)
++	if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE)
+ 		return SSH_ERR_KEY_LENGTH;
+ 
+ 	if ((b = sshbuf_from(sig, siglen)) == NULL)
+diff -aurp old/sshkey.c new/sshkey.c
+--- old/sshkey.c	2018-03-22 16:21:14.000000000 -1000
++++ new/sshkey.c	2018-03-23 10:05:03.893621860 -1000
+@@ -274,10 +274,18 @@ sshkey_size(const struct sshkey *k)
+ #ifdef WITH_OPENSSL
+ 	case KEY_RSA:
+ 	case KEY_RSA_CERT:
+-		return BN_num_bits(k->rsa->n);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000UL
++		return RSA_bits(k->rsa);
++#else
++		return RSA_bits(key->rsa);
++#endif
+ 	case KEY_DSA:
+ 	case KEY_DSA_CERT:
++#if OPENSSL_VERSION_NUMBER >= 0x10100000UL
++		return DSA_bits(k->dsa);
++#else
+ 		return BN_num_bits(k->dsa->p);
++#endif
+ 	case KEY_ECDSA:
+ 	case KEY_ECDSA_CERT:
+ 		return sshkey_curve_nid_to_bits(k->ecdsa_nid);
+@@ -482,26 +490,53 @@ sshkey_new(int type)
+ #ifdef WITH_OPENSSL
+ 	case KEY_RSA:
+ 	case KEY_RSA_CERT:
++		{
++		BIGNUM *n=NULL, *e=NULL; /* just allocate */
+ 		if ((rsa = RSA_new()) == NULL ||
+-		    (rsa->n = BN_new()) == NULL ||
+-		    (rsa->e = BN_new()) == NULL) {
++		    (n = BN_new()) == NULL ||
++		    (e = BN_new()) == NULL) {
++			BN_free(n);
++			BN_free(e);
+ 			RSA_free(rsa);
+ 			free(k);
+ 			return NULL;
+ 		}
++		BN_clear(n); BN_clear(e);
++		if (RSA_set0_key(rsa, n, e, NULL) == 0)
++			return NULL;
++		n = e = NULL;
++		}
+ 		k->rsa = rsa;
+ 		break;
+ 	case KEY_DSA:
+ 	case KEY_DSA_CERT:
++		{
++		BIGNUM *p=NULL, *q=NULL, *g=NULL, *pubkey=NULL; /* just allocate */
+ 		if ((dsa = DSA_new()) == NULL ||
+-		    (dsa->p = BN_new()) == NULL ||
+-		    (dsa->q = BN_new()) == NULL ||
+-		    (dsa->g = BN_new()) == NULL ||
+-		    (dsa->pub_key = BN_new()) == NULL) {
++		    (p = BN_new()) == NULL ||
++		    (q = BN_new()) == NULL ||
++		    (g = BN_new()) == NULL ||
++		    (pubkey = BN_new()) == NULL) {
++			BN_free(p);
++			BN_free(q);
++			BN_free(g);
++			BN_free(pubkey);
+ 			DSA_free(dsa);
+ 			free(k);
+ 			return NULL;
+ 		}
++		if (DSA_set0_pqg(dsa, p, q, g) == 0) {
++			BN_free(p); BN_free(q); BN_free(g);
++			BN_free(pubkey);
++			return NULL;
++		}
++		p = q = g = NULL;
++		if (DSA_set0_key(dsa, pubkey, NULL) == 0) {
++			BN_free(pubkey);
++			return NULL;
++		}
++		pubkey = NULL;
++		}
+ 		k->dsa = dsa;
+ 		break;
+ 	case KEY_ECDSA:
+@@ -539,6 +574,51 @@ sshkey_add_private(struct sshkey *k)
+ #ifdef WITH_OPENSSL
+ 	case KEY_RSA:
+ 	case KEY_RSA_CERT:
++#if OPENSSL_VERSION_NUMBER >= 0x10100000UL
++		/* Allocate BIGNUM. This is a mess.
++		   For OpenSSL 1.1.x API these shouldn't be mandatory,
++		   but some regression tests for non-NULL pointer of
++		   the data. */
++#define new_or_dup(bn, nbn) \
++		if (bn == NULL) { \
++			if ((nbn = BN_new()) == NULL) \
++				return SSH_ERR_ALLOC_FAIL; \
++		} else { \
++			/* otherwise use-after-free will occur */ \
++			if ((nbn = BN_dup(bn)) == NULL) \
++				return SSH_ERR_ALLOC_FAIL; \
++		}
++		{
++		const BIGNUM *d, *iqmp, *q, *p, *dmq1, *dmp1; /* allocate if NULL */
++		BIGNUM *nd, *niqmp, *nq, *np, *ndmq1, *ndmp1;
++
++		RSA_get0_key(k->rsa, NULL, NULL, &d);
++		RSA_get0_factors(k->rsa, &p, &q);
++		RSA_get0_crt_params(k->rsa, &dmp1, &dmq1, &iqmp);
++
++		new_or_dup(d, nd);
++		new_or_dup(iqmp, niqmp);
++		new_or_dup(q, nq);
++		new_or_dup(p, np);
++		new_or_dup(dmq1, ndmq1);
++		new_or_dup(dmp1, ndmp1);
++
++		if (RSA_set0_key(k->rsa, NULL, NULL, nd) == 0)
++			goto error1;
++		nd = NULL;
++		if (RSA_set0_factors(k->rsa, np, nq) == 0)
++			goto error1;
++		np = nq = NULL;
++		if (RSA_set0_crt_params(k->rsa, ndmp1, ndmq1, niqmp) == 0) {
++error1:
++			BN_free(nd);
++			BN_free(np); BN_free(nq);
++			BN_free(ndmp1); BN_free(ndmq1); BN_free(niqmp);
++			return SSH_ERR_LIBCRYPTO_ERROR;
++		}
++		ndmp1 = ndmq1 = niqmp = NULL;
++		}
++#else
+ #define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL)
+ 		if (bn_maybe_alloc_failed(k->rsa->d) ||
+ 		    bn_maybe_alloc_failed(k->rsa->iqmp) ||
+@@ -547,13 +627,28 @@ sshkey_add_private(struct sshkey *k)
+ 		    bn_maybe_alloc_failed(k->rsa->dmq1) ||
+ 		    bn_maybe_alloc_failed(k->rsa->dmp1))
+ 			return SSH_ERR_ALLOC_FAIL;
++#endif
+ 		break;
+ 	case KEY_DSA:
+ 	case KEY_DSA_CERT:
++#if OPENSSL_VERSION_NUMBER >= 0x10100000UL
++		{
++		const BIGNUM *priv_key;
++		BIGNUM *npriv_key;
++		DSA_get0_key(k->dsa, NULL, &priv_key);
++		new_or_dup(priv_key, npriv_key);
++		if (DSA_set0_key(k->dsa, NULL, npriv_key) == 0) {
++			BN_free(npriv_key);
++			return SSH_ERR_LIBCRYPTO_ERROR;
++		}
++		}
++#else
+ 		if (bn_maybe_alloc_failed(k->dsa->priv_key))
+ 			return SSH_ERR_ALLOC_FAIL;
++#endif
+ 		break;
+ #undef bn_maybe_alloc_failed
++#undef new_or_dup
+ 	case KEY_ECDSA:
+ 	case KEY_ECDSA_CERT:
+ 		/* Cannot do anything until we know the group */
+@@ -677,16 +772,34 @@ sshkey_equal_public(const struct sshkey
+ #ifdef WITH_OPENSSL
+ 	case KEY_RSA_CERT:
+ 	case KEY_RSA:
+-		return a->rsa != NULL && b->rsa != NULL &&
+-		    BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
+-		    BN_cmp(a->rsa->n, b->rsa->n) == 0;
++		{
++		const BIGNUM *a_e, *b_e, *a_n, *b_n;
++		const BIGNUM *a_d, *b_d;
++		if (a->rsa == NULL) return 0;
++		if (b->rsa == NULL) return 0;
++		RSA_get0_key(a->rsa, &a_n, &a_e, &a_d);
++		RSA_get0_key(b->rsa, &b_n, &b_e, &b_d);
++		return 
++		    BN_cmp(a_e, b_e) == 0 &&
++		    BN_cmp(a_n, b_n) == 0;
++		}
+ 	case KEY_DSA_CERT:
+ 	case KEY_DSA:
+-		return a->dsa != NULL && b->dsa != NULL &&
+-		    BN_cmp(a->dsa->p, b->dsa->p) == 0 &&
+-		    BN_cmp(a->dsa->q, b->dsa->q) == 0 &&
+-		    BN_cmp(a->dsa->g, b->dsa->g) == 0 &&
+-		    BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0;
++		{
++		const BIGNUM *a_p, *a_q, *a_g, *a_pub_key;
++		const BIGNUM *b_p, *b_q, *b_g, *b_pub_key;
++		if (a->dsa == NULL) return 0;
++		if (b->dsa == NULL) return 0;
++		DSA_get0_pqg(a->dsa, &a_p, &a_q, &a_g);
++		DSA_get0_pqg(b->dsa, &b_p, &b_q, &b_g);
++		DSA_get0_key(a->dsa, &a_pub_key, NULL);
++		DSA_get0_key(b->dsa, &b_pub_key, NULL);
++		return 
++		    BN_cmp(a_p, b_p) == 0 &&
++		    BN_cmp(a_q, b_q) == 0 &&
++		    BN_cmp(a_g, b_g) == 0 &&
++		    BN_cmp(a_pub_key, b_pub_key) == 0;
++		}
+ # ifdef OPENSSL_HAS_ECC
+ 	case KEY_ECDSA_CERT:
+ 	case KEY_ECDSA:
+@@ -775,12 +888,17 @@ to_blob_buf(const struct sshkey *key, st
+ 	case KEY_DSA:
+ 		if (key->dsa == NULL)
+ 			return SSH_ERR_INVALID_ARGUMENT;
++		{
++		const BIGNUM *p, *q, *g, *pub_key;
++		DSA_get0_pqg(key->dsa, &p, &q, &g);
++		DSA_get0_key(key->dsa, &pub_key, NULL);
+ 		if ((ret = sshbuf_put_cstring(b, typename)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(b, key->dsa->p)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(b, key->dsa->q)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(b, key->dsa->g)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0)
++		    (ret = sshbuf_put_bignum2(b, p)) != 0 ||
++		    (ret = sshbuf_put_bignum2(b, q)) != 0 ||
++		    (ret = sshbuf_put_bignum2(b, g)) != 0 ||
++		    (ret = sshbuf_put_bignum2(b, pub_key)) != 0)
+ 			return ret;
++		}
+ 		break;
+ # ifdef OPENSSL_HAS_ECC
+ 	case KEY_ECDSA:
+@@ -796,10 +914,14 @@ to_blob_buf(const struct sshkey *key, st
+ 	case KEY_RSA:
+ 		if (key->rsa == NULL)
+ 			return SSH_ERR_INVALID_ARGUMENT;
++		{
++		const BIGNUM *e, *n;
++		RSA_get0_key(key->rsa, &n, &e, NULL);
+ 		if ((ret = sshbuf_put_cstring(b, typename)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(b, key->rsa->e)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(b, key->rsa->n)) != 0)
++		    (ret = sshbuf_put_bignum2(b, e)) != 0 ||
++		    (ret = sshbuf_put_bignum2(b, n)) != 0)
+ 			return ret;
++		}
+ 		break;
+ #endif /* WITH_OPENSSL */
+ 	case KEY_ED25519:
+@@ -1740,13 +1862,32 @@ sshkey_from_private(const struct sshkey
+ 	case KEY_DSA_CERT:
+ 		if ((n = sshkey_new(k->type)) == NULL)
+ 			return SSH_ERR_ALLOC_FAIL;
+-		if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
+-		    (BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
+-		    (BN_copy(n->dsa->g, k->dsa->g) == NULL) ||
+-		    (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL)) {
++		{
++		const BIGNUM *p, *q, *g, *pub_key, *priv_key;
++		BIGNUM *cp=NULL, *cq=NULL, *cg=NULL, *cpub_key=NULL;
++		DSA_get0_pqg(k->dsa, &p, &q, &g);
++		DSA_get0_key(k->dsa, &pub_key, &priv_key);
++		if ((cp = BN_dup(p)) == NULL ||
++		    (cq = BN_dup(q)) == NULL ||
++		    (cg = BN_dup(g)) == NULL ||
++		    (cpub_key = BN_dup(pub_key)) == NULL) {
++			BN_free(cp); BN_free(cq); BN_free(cg);
++			BN_free(cpub_key);
+ 			sshkey_free(n);
+ 			return SSH_ERR_ALLOC_FAIL;
+ 		}
++		if (DSA_set0_pqg(n->dsa, cp, cq, cg) == 0)
++			goto error1;
++		cp = cq = cg = NULL;
++		if (DSA_set0_key(n->dsa, cpub_key, NULL) == 0) {
++error1:
++			BN_free(cp); BN_free(cq); BN_free(cg);
++			BN_free(cpub_key);
++			sshkey_free(n);
++			return SSH_ERR_LIBCRYPTO_ERROR;
++		}
++		cpub_key = NULL;
++		}
+ 		break;
+ # ifdef OPENSSL_HAS_ECC
+ 	case KEY_ECDSA:
+@@ -1770,11 +1911,23 @@ sshkey_from_private(const struct sshkey
+ 	case KEY_RSA_CERT:
+ 		if ((n = sshkey_new(k->type)) == NULL)
+ 			return SSH_ERR_ALLOC_FAIL;
+-		if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+-		    (BN_copy(n->rsa->e, k->rsa->e) == NULL)) {
++		{
++		const BIGNUM *nn, *e, *d;
++		BIGNUM *cn=NULL, *ce=NULL;
++		RSA_get0_key(k->rsa, &nn, &e, &d);
++		if ((cn = BN_dup(nn)) == NULL ||
++		    (ce = BN_dup(e)) == NULL ) {
++			BN_free(cn); BN_free(ce);
+ 			sshkey_free(n);
+ 			return SSH_ERR_ALLOC_FAIL;
+ 		}
++		if (RSA_set0_key(n->rsa, cn, ce, NULL) == 0) {
++			BN_free(cn); BN_free(ce);
++			sshkey_free(n);
++			return SSH_ERR_LIBCRYPTO_ERROR;
++		}
++		cn = ce = NULL;
++		}
+ 		break;
+ #endif /* WITH_OPENSSL */
+ 	case KEY_ED25519:
+@@ -1995,12 +2148,27 @@ sshkey_from_blob_internal(struct sshbuf
+ 			ret = SSH_ERR_ALLOC_FAIL;
+ 			goto out;
+ 		}
+-		if (sshbuf_get_bignum2(b, key->rsa->e) != 0 ||
+-		    sshbuf_get_bignum2(b, key->rsa->n) != 0) {
++		{
++		BIGNUM *e=NULL, *n=NULL;
++		if ((e = BN_new()) == NULL ||
++		    (n = BN_new()) == NULL ) {
++			ret = SSH_ERR_ALLOC_FAIL;
++			BN_free(e); BN_free(n);
++			goto out;
++		}
++		if (sshbuf_get_bignum2(b, e) != 0 ||
++		    sshbuf_get_bignum2(b, n) != 0) {
+ 			ret = SSH_ERR_INVALID_FORMAT;
++			BN_free(e); BN_free(n);
+ 			goto out;
+ 		}
+-		if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
++		if (RSA_set0_key(key->rsa, n, e, NULL) == 0) {
++			BN_free(e); BN_free(n);
++			return SSH_ERR_LIBCRYPTO_ERROR;
++		}
++		n = e = NULL;
++		}
++		if (RSA_bits(key->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+ 			ret = SSH_ERR_KEY_LENGTH;
+ 			goto out;
+ 		}
+@@ -2020,13 +2188,36 @@ sshkey_from_blob_internal(struct sshbuf
+ 			ret = SSH_ERR_ALLOC_FAIL;
+ 			goto out;
+ 		}
+-		if (sshbuf_get_bignum2(b, key->dsa->p) != 0 ||
+-		    sshbuf_get_bignum2(b, key->dsa->q) != 0 ||
+-		    sshbuf_get_bignum2(b, key->dsa->g) != 0 ||
+-		    sshbuf_get_bignum2(b, key->dsa->pub_key) != 0) {
++		{
++		BIGNUM *p=NULL, *q=NULL, *g=NULL, *pub_key=NULL;
++		if ((p = BN_new()) == NULL ||
++		    (q = BN_new()) == NULL ||
++		    (g = BN_new()) == NULL ||
++		    (pub_key = BN_new()) == NULL) {
++			ret = SSH_ERR_ALLOC_FAIL;
++			goto error1;
++		}
++		if (sshbuf_get_bignum2(b, p) != 0 ||
++		    sshbuf_get_bignum2(b, q) != 0 ||
++		    sshbuf_get_bignum2(b, g) != 0 ||
++		    sshbuf_get_bignum2(b, pub_key) != 0) {
+ 			ret = SSH_ERR_INVALID_FORMAT;
++			goto error1;
++		}
++		if (DSA_set0_pqg(key->dsa, p, q, g) == 0) {
++			ret = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error1;
++		}
++		p = q = g = NULL;
++		if (DSA_set0_key(key->dsa, pub_key, NULL) == 0) {
++			ret = SSH_ERR_LIBCRYPTO_ERROR;
++error1:
++			BN_free(p); BN_free(q); BN_free(g);
++			BN_free(pub_key);
+ 			goto out;
+ 		}
++		pub_key = NULL;
++		}
+ #ifdef DEBUG_PK
+ 		DSA_print_fp(stderr, key->dsa, 8);
+ #endif
+@@ -2327,26 +2518,63 @@ sshkey_demote(const struct sshkey *k, st
+ 			goto fail;
+ 		/* FALLTHROUGH */
+ 	case KEY_RSA:
+-		if ((pk->rsa = RSA_new()) == NULL ||
+-		    (pk->rsa->e = BN_dup(k->rsa->e)) == NULL ||
+-		    (pk->rsa->n = BN_dup(k->rsa->n)) == NULL) {
++		if ((pk->rsa = RSA_new()) == NULL ){
+ 			ret = SSH_ERR_ALLOC_FAIL;
+ 			goto fail;
+ 			}
++		{
++		const BIGNUM *ke, *kn;
++		BIGNUM *pke=NULL, *pkn=NULL;
++		RSA_get0_key(k->rsa, &kn, &ke, NULL);
++		 if ((pke = BN_dup(ke)) == NULL ||
++		     (pkn = BN_dup(kn)) == NULL) {
++			ret = SSH_ERR_ALLOC_FAIL;
++			BN_free(pke); BN_free(pkn);
++			goto fail;
++			}
++		if (RSA_set0_key(pk->rsa, pkn, pke, NULL) == 0) {
++			ret = SSH_ERR_LIBCRYPTO_ERROR;
++			BN_free(pke); BN_free(pkn);
++			goto fail;
++		}
++		pkn = pke = NULL;
++		}
+ 		break;
+ 	case KEY_DSA_CERT:
+ 		if ((ret = sshkey_cert_copy(k, pk)) != 0)
+ 			goto fail;
+ 		/* FALLTHROUGH */
+ 	case KEY_DSA:
+-		if ((pk->dsa = DSA_new()) == NULL ||
+-		    (pk->dsa->p = BN_dup(k->dsa->p)) == NULL ||
+-		    (pk->dsa->q = BN_dup(k->dsa->q)) == NULL ||
+-		    (pk->dsa->g = BN_dup(k->dsa->g)) == NULL ||
+-		    (pk->dsa->pub_key = BN_dup(k->dsa->pub_key)) == NULL) {
++		if ((pk->dsa = DSA_new()) == NULL ) {
+ 			ret = SSH_ERR_ALLOC_FAIL;
+ 			goto fail;
+ 		}
++		{
++		const BIGNUM *kp, *kq, *kg, *kpub_key;
++		BIGNUM *pkp=NULL, *pkq=NULL, *pkg=NULL, *pkpub_key=NULL;
++		DSA_get0_pqg(k->dsa, &kp, &kq, &kg);
++		DSA_get0_key(k->dsa, &kpub_key, NULL);
++		if ((pkp = BN_dup(kp)) == NULL ||
++		    (pkq = BN_dup(kq)) == NULL ||
++		    (pkg = BN_dup(kg)) == NULL ||
++		    (pkpub_key = BN_dup(kpub_key)) == NULL) {
++			ret = SSH_ERR_ALLOC_FAIL;
++			goto error1;
++		}
++		if (DSA_set0_pqg(pk->dsa, pkp, pkq, pkg) == 0) {
++			ret = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error1;
++		}
++		pkp = pkq = pkg = NULL;
++		if (DSA_set0_key(pk->dsa, pkpub_key, NULL) == 0) {
++			ret = SSH_ERR_LIBCRYPTO_ERROR;
++error1:
++			BN_free(pkp); BN_free(pkq); BN_free(pkg);
++			BN_free(pkpub_key);
++			goto fail;
++		}
++		pkpub_key = NULL;
++		}
+ 		break;
+ 	case KEY_ECDSA_CERT:
+ 		if ((ret = sshkey_cert_copy(k, pk)) != 0)
+@@ -2496,11 +2724,17 @@ sshkey_certify_custom(struct sshkey *k,
+ 	switch (k->type) {
+ #ifdef WITH_OPENSSL
+ 	case KEY_DSA_CERT:
+-		if ((ret = sshbuf_put_bignum2(cert, k->dsa->p)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(cert, k->dsa->q)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(cert, k->dsa->g)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(cert, k->dsa->pub_key)) != 0)
++		{
++		const BIGNUM *p, *q, *g, *pub_key;
++		DSA_get0_pqg(k->dsa, &p, &q, &g);
++		DSA_get0_key(k->dsa, &pub_key, NULL);
++		if ((ret = sshbuf_put_bignum2(cert, p)) != 0 ||
++		    (ret = sshbuf_put_bignum2(cert, q)) != 0 ||
++		    (ret = sshbuf_put_bignum2(cert, g)) != 0 ||
++		    (ret = sshbuf_put_bignum2(cert, pub_key)) != 0) {
+ 			goto out;
++		}
++		}
+ 		break;
+ # ifdef OPENSSL_HAS_ECC
+ 	case KEY_ECDSA_CERT:
+@@ -2513,9 +2747,15 @@ sshkey_certify_custom(struct sshkey *k,
+ 		break;
+ # endif /* OPENSSL_HAS_ECC */
+ 	case KEY_RSA_CERT:
+-		if ((ret = sshbuf_put_bignum2(cert, k->rsa->e)) != 0 ||
+-		    (ret = sshbuf_put_bignum2(cert, k->rsa->n)) != 0)
++		{
++		const BIGNUM *e, *n;
++		RSA_get0_key(k->rsa, &n, &e, NULL);
++		if (n == NULL || e == NULL ||
++		    (ret = sshbuf_put_bignum2(cert, e)) != 0 ||
++		    (ret = sshbuf_put_bignum2(cert, n)) != 0) {
+ 			goto out;
++		}
++		}
+ 		break;
+ #endif /* WITH_OPENSSL */
+ 	case KEY_ED25519_CERT:
+@@ -2702,42 +2942,67 @@ sshkey_private_serialize_opt(const struc
+ 	switch (key->type) {
+ #ifdef WITH_OPENSSL
+ 	case KEY_RSA:
+-		if ((r = sshbuf_put_bignum2(b, key->rsa->n)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->e)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0)
++		{
++		const BIGNUM *n, *e, *d, *iqmp, *p, *q;
++		RSA_get0_key(key->rsa, &n, &e, &d);
++		RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp);
++		RSA_get0_factors(key->rsa, &p, &q);
++		if ((r = sshbuf_put_bignum2(b, n)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, e)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, d)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, iqmp)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, p)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, q)) != 0) {
+ 			goto out;
++		}
++		}
+ 		break;
+ 	case KEY_RSA_CERT:
+ 		if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) {
+ 			r = SSH_ERR_INVALID_ARGUMENT;
+ 			goto out;
+ 		}
++		{
++		const BIGNUM *d, *iqmp, *p, *q;
++		RSA_get0_key(key->rsa, NULL, NULL, &d);
++		RSA_get0_crt_params(key->rsa, NULL, NULL, &iqmp);
++		RSA_get0_factors(key->rsa, &p, &q);
+ 		if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->d)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->iqmp)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->p)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0)
++		    (r = sshbuf_put_bignum2(b, d)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, iqmp)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, p)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, q)) != 0) {
+ 			goto out;
++		}
++		}
+ 		break;
+ 	case KEY_DSA:
+-		if ((r = sshbuf_put_bignum2(b, key->dsa->p)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->dsa->q)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->dsa->g)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0)
++		{
++		const BIGNUM *p, *q, *g, *pub_key, *priv_key;
++		DSA_get0_pqg(key->dsa, &p, &q, &g);
++		DSA_get0_key(key->dsa, &pub_key, &priv_key);
++		if ((r = sshbuf_put_bignum2(b, p)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, q)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, g)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, pub_key)) != 0 ||
++		    (r = sshbuf_put_bignum2(b, priv_key)) != 0) {
+ 			goto out;
++		}
++		}
+ 		break;
+ 	case KEY_DSA_CERT:
+ 		if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) {
+ 			r = SSH_ERR_INVALID_ARGUMENT;
+ 			goto out;
+ 		}
++		{
++		const BIGNUM *priv_key;
++		DSA_get0_key(key->dsa, NULL, &priv_key);
+ 		if ((r = sshbuf_put_stringb(b, key->cert->certblob)) != 0 ||
+-		    (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0)
++		    (r = sshbuf_put_bignum2(b, priv_key)) != 0) {
+ 			goto out;
++		}
++		}
+ 		break;
+ # ifdef OPENSSL_HAS_ECC
+ 	case KEY_ECDSA:
+@@ -2851,18 +3116,61 @@ sshkey_private_deserialize(struct sshbuf
+ 			r = SSH_ERR_ALLOC_FAIL;
+ 			goto out;
+ 		}
+-		if ((r = sshbuf_get_bignum2(buf, k->dsa->p)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->dsa->q)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->dsa->g)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->dsa->pub_key)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0)
++		{
++		BIGNUM *p=NULL, *q=NULL, *g=NULL, *pub_key=NULL, *priv_key=NULL;
++		if ((p = BN_new()) == NULL ||
++		    (q = BN_new()) == NULL ||
++		    (g = BN_new()) == NULL ||
++		    (pub_key = BN_new()) == NULL ||
++		    (priv_key = BN_new()) == NULL) {
++			r = SSH_ERR_ALLOC_FAIL;
++			goto error1;
++		}
++		if (p == NULL || q == NULL || g == NULL ||
++		    pub_key == NULL || priv_key == NULL ||
++		    (r = sshbuf_get_bignum2(buf, p)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, q)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, g)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, pub_key)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, priv_key)) != 0) {
++			goto error1;
++		}
++		if (DSA_set0_pqg(k->dsa, p, q, g) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error1;
++		}
++		p = q = g = NULL;
++		if (DSA_set0_key(k->dsa, pub_key, priv_key) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++error1:
++			BN_free(p); BN_free(q); BN_free(g);
++			BN_free(pub_key); BN_free(priv_key);
+ 			goto out;
++		}
++		pub_key = priv_key = NULL;
++		}
+ 		break;
+ 	case KEY_DSA_CERT:
+-		if ((r = sshkey_froms(buf, &k)) != 0 ||
++		{
++		BIGNUM *priv_key=NULL;
++		if ((priv_key = BN_new()) == NULL) {
++			r = SSH_ERR_ALLOC_FAIL;
++			goto out;
++		}
++		if (priv_key == NULL ||
++		    (r = sshkey_froms(buf, &k)) != 0 ||
+ 		    (r = sshkey_add_private(k)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0)
++		    (r = sshbuf_get_bignum2(buf, priv_key)) != 0) {
++			BN_free(priv_key);
++			goto out;
++		}
++		if (DSA_set0_key(k->dsa, NULL, priv_key) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++			BN_free(priv_key);
+ 			goto out;
++		}
++		priv_key = NULL;
++		}
+ 		break;
+ # ifdef OPENSSL_HAS_ECC
+ 	case KEY_ECDSA:
+@@ -2921,29 +3229,104 @@ sshkey_private_deserialize(struct sshbuf
+ 			r = SSH_ERR_ALLOC_FAIL;
+ 			goto out;
+ 		}
+-		if ((r = sshbuf_get_bignum2(buf, k->rsa->n)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->e)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 ||
+-		    (r = ssh_rsa_generate_additional_parameters(k)) != 0)
++		{
++		BIGNUM *n=NULL, *e=NULL, *d=NULL, *iqmp=NULL, *p=NULL, *q=NULL;
++		BIGNUM *dmp1=NULL, *dmq1=NULL; /* dummy for RSA_set0_crt_params */
++		if ((n = BN_new()) == NULL ||
++		    (e = BN_new()) == NULL ||
++		    (d = BN_new()) == NULL ||
++		    (iqmp = BN_new()) == NULL ||
++		    (p = BN_new()) == NULL ||
++		    (q = BN_new()) == NULL ||
++		    (dmp1 = BN_new()) == NULL ||
++		    (dmq1 = BN_new()) == NULL) {
++			r = SSH_ERR_ALLOC_FAIL;
++			goto error2;
++		}
++		BN_clear(dmp1); BN_clear(dmq1);
++		if ((r = sshbuf_get_bignum2(buf, n)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, e)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, d)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, iqmp)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, p)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, q)) != 0) {
++			goto error2;
++		}
++		if (RSA_set0_key(k->rsa, n, e, d) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error2;
++		}
++		n = e = d = NULL;
++		/* dmp1,dmpq1 should be non NULL to set iqmp value */
++		if (RSA_set0_crt_params(k->rsa, dmp1, dmq1, iqmp) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error2;
++		}
++		dmp1 = dmq1 = iqmp = NULL;
++		if (RSA_set0_factors(k->rsa, p, q) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++ error2:
++			BN_free(n); BN_free(e); BN_free(d);
++			BN_free(iqmp);
++			BN_free(p); BN_free(q);
++			BN_free(dmp1); BN_free(dmq1);
++			goto out;
++		}
++		p = q = NULL;
++		if ((r = ssh_rsa_generate_additional_parameters(k)) != 0) {
+ 			goto out;
+-		if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
++		}
++		}
++		if (RSA_bits(k->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+ 			r = SSH_ERR_KEY_LENGTH;
+ 			goto out;
+ 		}
+ 		break;
+ 	case KEY_RSA_CERT:
++		{
++		BIGNUM *d=NULL, *iqmp=NULL, *p=NULL, *q=NULL;
++		BIGNUM *dmp1=NULL, *dmq1=NULL; /* dummy for RSA_set0_crt_params */
++		if ((d = BN_new()) == NULL ||
++		    (iqmp = BN_new()) == NULL ||
++		    (p = BN_new()) == NULL ||
++		    (q = BN_new()) == NULL ||
++		    (dmp1 = BN_new()) == NULL ||
++		    (dmq1 = BN_new()) == NULL) {
++			r = SSH_ERR_ALLOC_FAIL;
++			goto error3;
++		}
++		BN_clear(dmp1); BN_clear(dmq1);
+ 		if ((r = sshkey_froms(buf, &k)) != 0 ||
+ 		    (r = sshkey_add_private(k)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 ||
+-		    (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 ||
+-		    (r = ssh_rsa_generate_additional_parameters(k)) != 0)
++		    (r = sshbuf_get_bignum2(buf, d)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, iqmp)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, p)) != 0 ||
++		    (r = sshbuf_get_bignum2(buf, q)) != 0) {
++			goto error3;
++		}
++		if (RSA_set0_key(k->rsa, NULL, NULL, d) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error3;
++		}
++		/* dmp1,dmpq1 should be non NULL to set value */
++		if (RSA_set0_crt_params(k->rsa, dmp1, dmq1, iqmp) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++			goto error3;
++		}
++		dmp1 = dmq1 = iqmp = NULL;
++		if (RSA_set0_factors(k->rsa, p, q) == 0) {
++			r = SSH_ERR_LIBCRYPTO_ERROR;
++ error3:
++			BN_free(d); BN_free(iqmp);
++			BN_free(p); BN_free(q);
++			BN_free(dmp1); BN_free(dmq1);
+ 			goto out;
+-		if (BN_num_bits(k->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
++		}
++		p = q = NULL;
++		if ((r = ssh_rsa_generate_additional_parameters(k)) != 0)
++			goto out;
++		}
++		if (RSA_bits(k->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+ 			r = SSH_ERR_KEY_LENGTH;
+ 			goto out;
+ 		}
+@@ -3707,7 +4090,6 @@ translate_libcrypto_error(unsigned long
+ 		switch (pem_reason) {
+ 		case EVP_R_BAD_DECRYPT:
+ 			return SSH_ERR_KEY_WRONG_PASSPHRASE;
+-		case EVP_R_BN_DECODE_ERROR:
+ 		case EVP_R_DECODE_ERROR:
+ #ifdef EVP_R_PRIVATE_KEY_DECODE_ERROR
+ 		case EVP_R_PRIVATE_KEY_DECODE_ERROR:
+@@ -3772,7 +4154,7 @@ sshkey_parse_private_pem_fileblob(struct
+ 		r = convert_libcrypto_error();
+ 		goto out;
+ 	}
+-	if (pk->type == EVP_PKEY_RSA &&
++	if (EVP_PKEY_id(pk) == EVP_PKEY_RSA &&
+ 	    (type == KEY_UNSPEC || type == KEY_RSA)) {
+ 		if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) {
+ 			r = SSH_ERR_ALLOC_FAIL;
+@@ -3787,11 +4169,11 @@ sshkey_parse_private_pem_fileblob(struct
+ 			r = SSH_ERR_LIBCRYPTO_ERROR;
+ 			goto out;
+ 		}
+-		if (BN_num_bits(prv->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
++		if (RSA_bits(prv->rsa) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
+ 			r = SSH_ERR_KEY_LENGTH;
+ 			goto out;
+ 		}
+-	} else if (pk->type == EVP_PKEY_DSA &&
++	} else if (EVP_PKEY_id(pk) == EVP_PKEY_DSA &&
+ 	    (type == KEY_UNSPEC || type == KEY_DSA)) {
+ 		if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) {
+ 			r = SSH_ERR_ALLOC_FAIL;
+@@ -3803,7 +4185,7 @@ sshkey_parse_private_pem_fileblob(struct
+ 		DSA_print_fp(stderr, prv->dsa, 8);
+ #endif
+ #ifdef OPENSSL_HAS_ECC
+-	} else if (pk->type == EVP_PKEY_EC &&
++	} else if (EVP_PKEY_id(pk) == EVP_PKEY_EC &&
+ 	    (type == KEY_UNSPEC || type == KEY_ECDSA)) {
+ 		if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) {
+ 			r = SSH_ERR_ALLOC_FAIL;
diff --git a/source/n/openssh/rc.sshd b/source/n/openssh/rc.sshd
index 2da2ab307..eea6c6a74 100644
--- a/source/n/openssh/rc.sshd
+++ b/source/n/openssh/rc.sshd
@@ -1,6 +1,11 @@
 #!/bin/sh
 # Start/stop/restart the secure shell server:
 
+# Source options
+if [ -r /etc/default/sshd ]; then
+  . /etc/default/sshd
+fi
+
 sshd_start() {
   # Create host keys if needed.
   if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
@@ -18,7 +23,7 @@ sshd_start() {
   # Catch any new host key types not yet created above:
   /usr/bin/ssh-keygen -A
   # Start the sshd daemon:
-  /usr/sbin/sshd
+  /usr/sbin/sshd $SSHD_OPTS
 }
 
 sshd_stop() {
diff --git a/source/n/openssh/slack-desc b/source/n/openssh/slack-desc
index 04277a720..6d5aec5e6 100644
--- a/source/n/openssh/slack-desc
+++ b/source/n/openssh/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 openssh: openssh (Secure Shell daemon and clients)
 openssh:
 openssh: ssh (Secure Shell) is a program for logging into a remote machine and
-openssh: for executing commands on a remote machine.  It is intended to replace
+openssh: for executing commands on a remote machine. It is intended to replace
 openssh: rlogin and rsh, and provide secure encrypted communications between
-openssh: two untrusted hosts over an insecure network.  sshd (SSH Daemon) is
-openssh: the daemon program for ssh.  OpenSSH is based on the last free version
+openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is
+openssh: the daemon program for ssh. OpenSSH is based on the last free version
 openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron
 openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and
-openssh: Dug Song.  It has a homepage at http://www.openssh.com/
+openssh: Dug Song. It has a homepage at http://www.openssh.com/
 openssh:
diff --git a/source/n/openssh/sshd.default b/source/n/openssh/sshd.default
new file mode 100644
index 000000000..6cab3ba31
--- /dev/null
+++ b/source/n/openssh/sshd.default
@@ -0,0 +1,10 @@
+# Optional arguments to start sshd with.
+#
+# Note that using the -p flag causes any Port directives 
+# in sshd_config(5) to be ignored.
+#
+# If you want to run sshd on non-standard port(s), use:
+#SSHD_OPTS="-p 12345 -p 6789"
+#
+# If you want to use non-standard sshd_config, use:
+#SSHD_OPTS="-f /some/other/sshd_config"
diff --git a/source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff b/source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff
new file mode 100644
index 000000000..6a9cce8ff
--- /dev/null
+++ b/source/n/openssl/openssl-1.1.0h.fix_c_rehash_quoting.diff
@@ -0,0 +1,13 @@
+--- ./tools/c_rehash.in.orig	2018-03-27 08:50:41.000000000 -0500
++++ ./tools/c_rehash.in	2018-05-14 13:47:20.553710437 -0500
+@@ -11,8 +11,8 @@
+ # Perl c_rehash script, scan all files in a directory
+ # and add symbolic links to their hash values.
+ 
+-my $dir = {- quotify1($config{openssldir}) -};
+-my $prefix = {- quotify1($config{prefix}) -};
++my $dir = "{- quotify1($config{openssldir}) -}";
++my $prefix = "{- quotify1($config{prefix}) -}";
+ 
+ my $errorcount = 0;
+ my $openssl = $ENV{OPENSSL} || "openssl";
diff --git a/source/n/openssl/openssl.SlackBuild b/source/n/openssl/openssl.SlackBuild
index 00b80226f..c5ecb8292 100755
--- a/source/n/openssl/openssl.SlackBuild
+++ b/source/n/openssl/openssl.SlackBuild
@@ -1,8 +1,8 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2000 BSDi, Inc. Concord, CA, USA
 # Copyright 2001, 2002 Slackware Linux, Inc.  Concord, CA, USA
-# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -22,13 +22,13 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-
 # Set initial variables:
-CWD=$(pwd)
+cd $(dirname $0) ; CWD=$(pwd)
 TMP=${TMP:-/tmp}
 
+PKGNAM=openssl
 VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -45,6 +45,15 @@ PKG2=$TMP/package-ossllibs
 NAME1=openssl-$VERSION-$ARCH-$BUILD
 NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "${NAME1}.txz"
+  echo "${NAME2}.txz"
+  exit 0
+fi
+
 # Parallel build doesn't link properly.
 #NUMJOBS=${NUMJOBS:--j6}
 
@@ -60,8 +69,9 @@ cd openssl-$VERSION
 # Fix pod syntax errors which are fatal wih a newer perl:
 find . -name "*.pod" -exec sed -i "s/^\=item \([0-9]\)\(\ \|$\)/\=item C<\1>/g" {} \;
 
-# Use .so.1, not .so.1.0.0:
-sed -i "s/soname=\$\$SHLIB\$\$SHLIB_SOVER\$\$SHLIB_SUFFIX/soname=\$\$SHLIB.1/g" Makefile.shared
+## For openssl-1.1.x, don't try to change the soname.
+## Use .so.1, not .so.1.0.0:
+#sed -i "s/soname=\$\$SHLIB\$\$SHLIB_SOVER\$\$SHLIB_SUFFIX/soname=\$\$SHLIB.1/g" Makefile.shared
 
 if [ "$ARCH" = "i586" ]; then
   # Build with -march=i586 -mtune=i686:
@@ -75,19 +85,23 @@ elif [ "$ARCH" = "x86_64" ]; then
   LIBDIRSUFFIX="64"
 fi
 
+# Fix a lack of quotes in two c_rehash lines:
+zcat $CWD/openssl-1.1.0h.fix_c_rehash_quoting.diff.gz | patch -p1 --verbose || exit 1
+
 # OpenSSL has a (nasty?) habit of bumping the internal version number with
 # every release.  This wouldn't be so bad, but some applications are so
 # paranoid that they won't run against a different OpenSSL version than
 # what they were compiled against, whether or not the ABI has changed.
 #
-# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.0.2e unless ABI
+# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.1.0h unless ABI
 # breakage forces it to change.  Yes, we're finally using this old trick.  :)
-sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1000205fL (1.0.2e) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000205fL/g" crypto/opensslv.h || exit 1
+sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1010008fL (1.1.0h) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000205fL/g" include/openssl/opensslv.h || exit 1
 
 chown -R root:root .
 mkdir -p $PKG1/usr/doc/openssl-$VERSION
-cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
-  LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION
+cp -a ACKNOWLEDGEMENTS AUTHORS CHANGES* CONTRIBUTING FAQ INSTALL* \
+  LICENSE* NEWS NOTES* README* doc \
+  $PKG1/usr/doc/openssl-$VERSION
 find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
 find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
 
@@ -103,7 +117,6 @@ fi
 # name   #         expires
 # MDC-2: 4,908,861  2007-03-13, not included.
 # IDEA:  5,214,703  2010-05-25, not included.
-# RC5:   5,724,428  2015-03-03, not included.
 #
 # Although all of the above are expired, it's still probably
 # not a good idea to include them as there are better
@@ -112,19 +125,33 @@ fi
 ./config \
  --prefix=/usr \
  --openssldir=/etc/ssl \
+ zlib \
+ enable-camellia \
+ enable-seed \
+ enable-rfc3779 \
+ enable-cms \
+ enable-md2 \
+ enable-rc5 \
+ enable-ssl3 \
+ enable-ssl3-method \
+ no-weak-ssl-ciphers \
  no-mdc2 \
+ no-ec2m \
  no-idea \
- no-rc5 \
  no-sse2 \
- no-ssl2 \
- no-weak-ssl-ciphers \
  shared
 
 make $NUMJOBS depend || make depend || exit 1
 
 make $NUMJOBS || make || exit 1
 
-make install INSTALL_PREFIX=$PKG1 || exit 1
+make install DESTDIR=$PKG1 || exit 1
+
+# No thanks on the static libraries:
+rm -f $PKG1/usr/lib${LIBDIRSUFFIX}/*.a
+
+# No thanks on manpages duplicated as html:
+rm -rf $PKG1/usr/share/doc
 
 # Make the .so.? library symlinks:
 ( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* )
@@ -146,17 +173,33 @@ mkdir -p $PKG1/etc/cron.daily
 zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new
 chmod 755 $PKG1/etc/cron.daily/certwatch.new
 
+# Make config file non-clobber:
 mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new
 
+# Remove duplicate config file:
+rm -f $PKG1/etc/ssl/openssl.cnf.dist
+
 ( cd $PKG1
   find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
   find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 )
 
-mv $PKG1/etc/ssl/man $PKG1/usr
-( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 )
-( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 )
-( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 )
+# Relocate the manpages:
+mv $PKG1/usr/share/man $PKG1/usr
+rmdir $PKG1/usr/share
+
+# Fix manpage name collisions, and relink anything that linked to the old name:
+( cd $PKG1/usr/man/man1
+  mv passwd.1 ssl_passwd.1
+  for file in *.1 ; do
+    if [ -L $file ]; then
+      if [ "$(readlink $file)" = "passwd.1" ]; then
+        rm -f $file
+        ln -sf ssl_passwd.1 $file
+      fi
+    fi
+  done )
+
 # Compress and symlink the man pages:
 if [ -d $PKG1/usr/man ]; then
   ( cd $PKG1/usr/man
@@ -172,18 +215,18 @@ if [ -d $PKG1/usr/man ]; then
   )
 fi
 
-# If there's an openssl0 directory, then build openssl-0 shared libraries for
+# If there's an openssl1 directory, then build openssl-1.0 shared libraries for
 # compatibility with programs linked to those:
-if [ -d $CWD/openssl0 ]; then
-  ( cd $CWD/openssl0
-    ./openssl0.build || exit 1
+if [ -d $CWD/openssl1 ]; then
+  ( cd $CWD/openssl1
+    ./openssl1.build || exit 1
   ) || exit 1
   # Don't put these in the openssl package...  openssl-solibs is enough.
   #mkdir -p $PKG1/lib${LIBDIRSUFFIX}
-  #cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG1/lib${LIBDIRSUFFIX}
+  #cp -a $TMP/package-openssl1/usr/lib/lib*.so.?.?.? $PKG1/lib${LIBDIRSUFFIX}
   #( cd $PKG1/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? )
   mkdir -p $PKG2/lib${LIBDIRSUFFIX}
-  cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG2/lib${LIBDIRSUFFIX}
+  cp -a $TMP/package-openssl1/usr/lib${LIBDIRSUFFIX}/lib*.so.?.?.? $PKG2/lib${LIBDIRSUFFIX}
   ( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? )
 fi
 
diff --git a/source/n/openssl/slack-desc.openssl b/source/n/openssl/slack-desc.openssl
index 57227c043..685abd95b 100644
--- a/source/n/openssl/slack-desc.openssl
+++ b/source/n/openssl/slack-desc.openssl
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
@@ -12,8 +12,8 @@ openssl: The OpenSSL certificate management tool and the shared libraries that
 openssl: provide various encryption and decryption algorithms and protocols.
 openssl:
 openssl: This product includes software developed by the OpenSSL Project for
-openssl: use in the OpenSSL Toolkit (http://www.openssl.org).  This product
+openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product
 openssl: includes cryptographic software written by Eric Young
-openssl: (eay@cryptsoft.com).  This product includes software written by Tim
+openssl: (eay@cryptsoft.com). This product includes software written by Tim
 openssl: Hudson (tjh@cryptsoft.com).
 openssl:
diff --git a/source/n/openssl/slack-desc.openssl-solibs b/source/n/openssl/slack-desc.openssl-solibs
index 58609e68b..8b424e066 100644
--- a/source/n/openssl/slack-desc.openssl-solibs
+++ b/source/n/openssl/slack-desc.openssl-solibs
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
               |-----handy-ruler------------------------------------------------------|
@@ -12,8 +12,8 @@ openssl-solibs: These shared libraries provide encryption routines required by
 openssl-solibs: programs such as openssh, bind, sendmail, and many others.
 openssl-solibs:
 openssl-solibs: This product includes software developed by the OpenSSL Project for
-openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org).  This product
+openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product
 openssl-solibs: includes cryptographic software written by Eric Young
-openssl-solibs: (eay@cryptsoft.com).  This product includes software written by Tim
+openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim
 openssl-solibs: Hudson (tjh@cryptsoft.com).
 openssl-solibs:
diff --git a/source/n/openssl10/openssl-1.0-versioned-symbols.patch b/source/n/openssl10/openssl-1.0-versioned-symbols.patch
new file mode 100644
index 000000000..71759a9c1
--- /dev/null
+++ b/source/n/openssl10/openssl-1.0-versioned-symbols.patch
@@ -0,0 +1,4667 @@
+---
+ Configure                 |    2 
+ engines/ccgost/openssl.ld |   10 
+ engines/openssl.ld        |   10 
+ openssl.ld                | 4620 ++++++++++++++++++++++++++++++++++++++++++++++
+ 4 files changed, 4642 insertions(+)
+
+--- a/Configure
++++ b/Configure
+@@ -1730,6 +1730,8 @@ if ($strict_warnings)
+ 		}
+ 	}
+ 
++$shared_ldflag .= " -Wl,--version-script=openssl.ld";
++
+ open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+ unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+ open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+--- /dev/null
++++ b/engines/ccgost/openssl.ld
+@@ -0,0 +1,10 @@
++OPENSSL_1.0.0 {
++	global:
++		bind_engine;
++		v_check;
++		OPENSSL_init;
++		OPENSSL_finish;
++	local:
++		*;
++};
++
+--- /dev/null
++++ b/engines/openssl.ld
+@@ -0,0 +1,10 @@
++OPENSSL_1.0.0 {
++	global:
++		bind_engine;
++		v_check;
++		OPENSSL_init;
++		OPENSSL_finish;
++	local:
++		*;
++};
++
+--- /dev/null
++++ b/openssl.ld
+@@ -0,0 +1,4620 @@
++OPENSSL_1.0.0 {
++	global:
++		BIO_f_ssl;
++		BIO_new_buffer_ssl_connect;
++		BIO_new_ssl;
++		BIO_new_ssl_connect;
++		BIO_proxy_ssl_copy_session_id;
++		BIO_ssl_copy_session_id;
++		BIO_ssl_shutdown;
++		d2i_SSL_SESSION;
++		DTLSv1_client_method;
++		DTLSv1_method;
++		DTLSv1_server_method;
++		ERR_load_SSL_strings;
++		i2d_SSL_SESSION;
++		kssl_build_principal_2;
++		kssl_cget_tkt;
++		kssl_check_authent;
++		kssl_ctx_free;
++		kssl_ctx_new;
++		kssl_ctx_setkey;
++		kssl_ctx_setprinc;
++		kssl_ctx_setstring;
++		kssl_ctx_show;
++		kssl_err_set;
++		kssl_krb5_free_data_contents;
++		kssl_sget_tkt;
++		kssl_skip_confound;
++		kssl_validate_times;
++		PEM_read_bio_SSL_SESSION;
++		PEM_read_SSL_SESSION;
++		PEM_write_bio_SSL_SESSION;
++		PEM_write_SSL_SESSION;
++		SSL_accept;
++		SSL_add_client_CA;
++		SSL_add_dir_cert_subjects_to_stack;
++		SSL_add_dir_cert_subjs_to_stk;
++		SSL_add_file_cert_subjects_to_stack;
++		SSL_add_file_cert_subjs_to_stk;
++		SSL_alert_desc_string;
++		SSL_alert_desc_string_long;
++		SSL_alert_type_string;
++		SSL_alert_type_string_long;
++		SSL_callback_ctrl;
++		SSL_check_private_key;
++		SSL_CIPHER_description;
++		SSL_CIPHER_get_bits;
++		SSL_CIPHER_get_name;
++		SSL_CIPHER_get_version;
++		SSL_clear;
++		SSL_COMP_add_compression_method;
++		SSL_COMP_get_compression_methods;
++		SSL_COMP_get_compress_methods;
++		SSL_COMP_get_name;
++		SSL_connect;
++		SSL_copy_session_id;
++		SSL_ctrl;
++		SSL_CTX_add_client_CA;
++		SSL_CTX_add_session;
++		SSL_CTX_callback_ctrl;
++		SSL_CTX_check_private_key;
++		SSL_CTX_ctrl;
++		SSL_CTX_flush_sessions;
++		SSL_CTX_free;
++		SSL_CTX_get_cert_store;
++		SSL_CTX_get_client_CA_list;
++		SSL_CTX_get_client_cert_cb;
++		SSL_CTX_get_ex_data;
++		SSL_CTX_get_ex_new_index;
++		SSL_CTX_get_info_callback;
++		SSL_CTX_get_quiet_shutdown;
++		SSL_CTX_get_timeout;
++		SSL_CTX_get_verify_callback;
++		SSL_CTX_get_verify_depth;
++		SSL_CTX_get_verify_mode;
++		SSL_CTX_load_verify_locations;
++		SSL_CTX_new;
++		SSL_CTX_remove_session;
++		SSL_CTX_sess_get_get_cb;
++		SSL_CTX_sess_get_new_cb;
++		SSL_CTX_sess_get_remove_cb;
++		SSL_CTX_sessions;
++		SSL_CTX_sess_set_get_cb;
++		SSL_CTX_sess_set_new_cb;
++		SSL_CTX_sess_set_remove_cb;
++		SSL_CTX_set1_param;
++		SSL_CTX_set_cert_store;
++		SSL_CTX_set_cert_verify_callback;
++		SSL_CTX_set_cert_verify_cb;
++		SSL_CTX_set_cipher_list;
++		SSL_CTX_set_client_CA_list;
++		SSL_CTX_set_client_cert_cb;
++		SSL_CTX_set_client_cert_engine;
++		SSL_CTX_set_cookie_generate_cb;
++		SSL_CTX_set_cookie_verify_cb;
++		SSL_CTX_set_default_passwd_cb;
++		SSL_CTX_set_default_passwd_cb_userdata;
++		SSL_CTX_set_default_verify_paths;
++		SSL_CTX_set_def_passwd_cb_ud;
++		SSL_CTX_set_def_verify_paths;
++		SSL_CTX_set_ex_data;
++		SSL_CTX_set_generate_session_id;
++		SSL_CTX_set_info_callback;
++		SSL_CTX_set_msg_callback;
++		SSL_CTX_set_psk_client_callback;
++		SSL_CTX_set_psk_server_callback;
++		SSL_CTX_set_purpose;
++		SSL_CTX_set_quiet_shutdown;
++		SSL_CTX_set_session_id_context;
++		SSL_CTX_set_ssl_version;
++		SSL_CTX_set_timeout;
++		SSL_CTX_set_tmp_dh_callback;
++		SSL_CTX_set_tmp_ecdh_callback;
++		SSL_CTX_set_tmp_rsa_callback;
++		SSL_CTX_set_trust;
++		SSL_CTX_set_verify;
++		SSL_CTX_set_verify_depth;
++		SSL_CTX_use_cert_chain_file;
++		SSL_CTX_use_certificate;
++		SSL_CTX_use_certificate_ASN1;
++		SSL_CTX_use_certificate_chain_file;
++		SSL_CTX_use_certificate_file;
++		SSL_CTX_use_PrivateKey;
++		SSL_CTX_use_PrivateKey_ASN1;
++		SSL_CTX_use_PrivateKey_file;
++		SSL_CTX_use_psk_identity_hint;
++		SSL_CTX_use_RSAPrivateKey;
++		SSL_CTX_use_RSAPrivateKey_ASN1;
++		SSL_CTX_use_RSAPrivateKey_file;
++		SSL_do_handshake;
++		SSL_dup;
++		SSL_dup_CA_list;
++		SSLeay_add_ssl_algorithms;
++		SSL_free;
++		SSL_get1_session;
++		SSL_get_certificate;
++		SSL_get_cipher_list;
++		SSL_get_ciphers;
++		SSL_get_client_CA_list;
++		SSL_get_current_cipher;
++		SSL_get_current_compression;
++		SSL_get_current_expansion;
++		SSL_get_default_timeout;
++		SSL_get_error;
++		SSL_get_ex_data;
++		SSL_get_ex_data_X509_STORE_CTX_idx;
++		SSL_get_ex_d_X509_STORE_CTX_idx;
++		SSL_get_ex_new_index;
++		SSL_get_fd;
++		SSL_get_finished;
++		SSL_get_info_callback;
++		SSL_get_peer_cert_chain;
++		SSL_get_peer_certificate;
++		SSL_get_peer_finished;
++		SSL_get_privatekey;
++		SSL_get_psk_identity;
++		SSL_get_psk_identity_hint;
++		SSL_get_quiet_shutdown;
++		SSL_get_rbio;
++		SSL_get_read_ahead;
++		SSL_get_rfd;
++		SSL_get_servername;
++		SSL_get_servername_type;
++		SSL_get_session;
++		SSL_get_shared_ciphers;
++		SSL_get_shutdown;
++		SSL_get_SSL_CTX;
++		SSL_get_ssl_method;
++		SSL_get_verify_callback;
++		SSL_get_verify_depth;
++		SSL_get_verify_mode;
++		SSL_get_verify_result;
++		SSL_get_version;
++		SSL_get_wbio;
++		SSL_get_wfd;
++		SSL_has_matching_session_id;
++		SSL_library_init;
++		SSL_load_client_CA_file;
++		SSL_load_error_strings;
++		SSL_new;
++		SSL_peek;
++		SSL_pending;
++		SSL_read;
++		SSL_renegotiate;
++		SSL_renegotiate_pending;
++		SSL_rstate_string;
++		SSL_rstate_string_long;
++		SSL_SESSION_cmp;
++		SSL_SESSION_free;
++		SSL_SESSION_get_ex_data;
++		SSL_SESSION_get_ex_new_index;
++		SSL_SESSION_get_id;
++		SSL_SESSION_get_time;
++		SSL_SESSION_get_timeout;
++		SSL_SESSION_hash;
++		SSL_SESSION_new;
++		SSL_SESSION_print;
++		SSL_SESSION_print_fp;
++		SSL_SESSION_set_ex_data;
++		SSL_SESSION_set_time;
++		SSL_SESSION_set_timeout;
++		SSL_set1_param;
++		SSL_set_accept_state;
++		SSL_set_bio;
++		SSL_set_cipher_list;
++		SSL_set_client_CA_list;
++		SSL_set_connect_state;
++		SSL_set_ex_data;
++		SSL_set_fd;
++		SSL_set_generate_session_id;
++		SSL_set_info_callback;
++		SSL_set_msg_callback;
++		SSL_set_psk_client_callback;
++		SSL_set_psk_server_callback;
++		SSL_set_purpose;
++		SSL_set_quiet_shutdown;
++		SSL_set_read_ahead;
++		SSL_set_rfd;
++		SSL_set_session;
++		SSL_set_session_id_context;
++		SSL_set_session_secret_cb;
++		SSL_set_session_ticket_ext;
++		SSL_set_session_ticket_ext_cb;
++		SSL_set_shutdown;
++		SSL_set_SSL_CTX;
++		SSL_set_ssl_method;
++		SSL_set_tmp_dh_callback;
++		SSL_set_tmp_ecdh_callback;
++		SSL_set_tmp_rsa_callback;
++		SSL_set_trust;
++		SSL_set_verify;
++		SSL_set_verify_depth;
++		SSL_set_verify_result;
++		SSL_set_wfd;
++		SSL_shutdown;
++		SSL_state;
++		SSL_state_string;
++		SSL_state_string_long;
++		SSL_use_certificate;
++		SSL_use_certificate_ASN1;
++		SSL_use_certificate_file;
++		SSL_use_PrivateKey;
++		SSL_use_PrivateKey_ASN1;
++		SSL_use_PrivateKey_file;
++		SSL_use_psk_identity_hint;
++		SSL_use_RSAPrivateKey;
++		SSL_use_RSAPrivateKey_ASN1;
++		SSL_use_RSAPrivateKey_file;
++		SSLv23_client_method;
++		SSLv23_method;
++		SSLv23_server_method;
++		SSLv2_client_method;
++		SSLv2_method;
++		SSLv2_server_method;
++		SSLv3_client_method;
++		SSLv3_method;
++		SSLv3_server_method;
++		SSL_version;
++		SSL_want;
++		SSL_write;
++		TLSv1_client_method;
++		TLSv1_method;
++		TLSv1_server_method;
++
++
++		SSLeay;
++		SSLeay_version;
++		ASN1_BIT_STRING_asn1_meth;
++		ASN1_HEADER_free;
++		ASN1_HEADER_new;
++		ASN1_IA5STRING_asn1_meth;
++		ASN1_INTEGER_get;
++		ASN1_INTEGER_set;
++		ASN1_INTEGER_to_BN;
++		ASN1_OBJECT_create;
++		ASN1_OBJECT_free;
++		ASN1_OBJECT_new;
++		ASN1_PRINTABLE_type;
++		ASN1_STRING_cmp;
++		ASN1_STRING_dup;
++		ASN1_STRING_free;
++		ASN1_STRING_new;
++		ASN1_STRING_print;
++		ASN1_STRING_set;
++		ASN1_STRING_type_new;
++		ASN1_TYPE_free;
++		ASN1_TYPE_new;
++		ASN1_UNIVERSALSTRING_to_string;
++		ASN1_UTCTIME_check;
++		ASN1_UTCTIME_print;
++		ASN1_UTCTIME_set;
++		ASN1_check_infinite_end;
++		ASN1_d2i_bio;
++		ASN1_d2i_fp;
++		ASN1_digest;
++		ASN1_dup;
++		ASN1_get_object;
++		ASN1_i2d_bio;
++		ASN1_i2d_fp;
++		ASN1_object_size;
++		ASN1_parse;
++		ASN1_put_object;
++		ASN1_sign;
++		ASN1_verify;
++		BF_cbc_encrypt;
++		BF_cfb64_encrypt;
++		BF_ecb_encrypt;
++		BF_encrypt;
++		BF_ofb64_encrypt;
++		BF_options;
++		BF_set_key;
++		BIO_CONNECT_free;
++		BIO_CONNECT_new;
++		BIO_accept;
++		BIO_ctrl;
++		BIO_int_ctrl;
++		BIO_debug_callback;
++		BIO_dump;
++		BIO_dup_chain;
++		BIO_f_base64;
++		BIO_f_buffer;
++		BIO_f_cipher;
++		BIO_f_md;
++		BIO_f_null;
++		BIO_f_proxy_server;
++		BIO_fd_non_fatal_error;
++		BIO_fd_should_retry;
++		BIO_find_type;
++		BIO_free;
++		BIO_free_all;
++		BIO_get_accept_socket;
++		BIO_get_filter_bio;
++		BIO_get_host_ip;
++		BIO_get_port;
++		BIO_get_retry_BIO;
++		BIO_get_retry_reason;
++		BIO_gethostbyname;
++		BIO_gets;
++		BIO_new;
++		BIO_new_accept;
++		BIO_new_connect;
++		BIO_new_fd;
++		BIO_new_file;
++		BIO_new_fp;
++		BIO_new_socket;
++		BIO_pop;
++		BIO_printf;
++		BIO_push;
++		BIO_puts;
++		BIO_read;
++		BIO_s_accept;
++		BIO_s_connect;
++		BIO_s_fd;
++		BIO_s_file;
++		BIO_s_mem;
++		BIO_s_null;
++		BIO_s_proxy_client;
++		BIO_s_socket;
++		BIO_set;
++		BIO_set_cipher;
++		BIO_set_tcp_ndelay;
++		BIO_sock_cleanup;
++		BIO_sock_error;
++		BIO_sock_init;
++		BIO_sock_non_fatal_error;
++		BIO_sock_should_retry;
++		BIO_socket_ioctl;
++		BIO_write;
++		BN_CTX_free;
++		BN_CTX_new;
++		BN_MONT_CTX_free;
++		BN_MONT_CTX_new;
++		BN_MONT_CTX_set;
++		BN_add;
++		BN_add_word;
++		BN_hex2bn;
++		BN_bin2bn;
++		BN_bn2hex;
++		BN_bn2bin;
++		BN_clear;
++		BN_clear_bit;
++		BN_clear_free;
++		BN_cmp;
++		BN_copy;
++		BN_div;
++		BN_div_word;
++		BN_dup;
++		BN_free;
++		BN_from_montgomery;
++		BN_gcd;
++		BN_generate_prime;
++		BN_get_word;
++		BN_is_bit_set;
++		BN_is_prime;
++		BN_lshift;
++		BN_lshift1;
++		BN_mask_bits;
++		BN_mod;
++		BN_mod_exp;
++		BN_mod_exp_mont;
++		BN_mod_exp_simple;
++		BN_mod_inverse;
++		BN_mod_mul;
++		BN_mod_mul_montgomery;
++		BN_mod_word;
++		BN_mul;
++		BN_new;
++		BN_num_bits;
++		BN_num_bits_word;
++		BN_options;
++		BN_print;
++		BN_print_fp;
++		BN_rand;
++		BN_reciprocal;
++		BN_rshift;
++		BN_rshift1;
++		BN_set_bit;
++		BN_set_word;
++		BN_sqr;
++		BN_sub;
++		BN_to_ASN1_INTEGER;
++		BN_ucmp;
++		BN_value_one;
++		BUF_MEM_free;
++		BUF_MEM_grow;
++		BUF_MEM_new;
++		BUF_strdup;
++		CONF_free;
++		CONF_get_number;
++		CONF_get_section;
++		CONF_get_string;
++		CONF_load;
++		CRYPTO_add_lock;
++		CRYPTO_dbg_free;
++		CRYPTO_dbg_malloc;
++		CRYPTO_dbg_realloc;
++		CRYPTO_dbg_remalloc;
++		CRYPTO_free;
++		CRYPTO_get_add_lock_callback;
++		CRYPTO_get_id_callback;
++		CRYPTO_get_lock_name;
++		CRYPTO_get_locking_callback;
++		CRYPTO_get_mem_functions;
++		CRYPTO_lock;
++		CRYPTO_malloc;
++		CRYPTO_mem_ctrl;
++		CRYPTO_mem_leaks;
++		CRYPTO_mem_leaks_cb;
++		CRYPTO_mem_leaks_fp;
++		CRYPTO_realloc;
++		CRYPTO_remalloc;
++		CRYPTO_set_add_lock_callback;
++		CRYPTO_set_id_callback;
++		CRYPTO_set_locking_callback;
++		CRYPTO_set_mem_functions;
++		CRYPTO_thread_id;
++		DH_check;
++		DH_compute_key;
++		DH_free;
++		DH_generate_key;
++		DH_generate_parameters;
++		DH_new;
++		DH_size;
++		DHparams_print;
++		DHparams_print_fp;
++		DSA_free;
++		DSA_generate_key;
++		DSA_generate_parameters;
++		DSA_is_prime;
++		DSA_new;
++		DSA_print;
++		DSA_print_fp;
++		DSA_sign;
++		DSA_sign_setup;
++		DSA_size;
++		DSA_verify;
++		DSAparams_print;
++		DSAparams_print_fp;
++		ERR_clear_error;
++		ERR_error_string;
++		ERR_free_strings;
++		ERR_func_error_string;
++		ERR_get_err_state_table;
++		ERR_get_error;
++		ERR_get_error_line;
++		ERR_get_state;
++		ERR_get_string_table;
++		ERR_lib_error_string;
++		ERR_load_ASN1_strings;
++		ERR_load_BIO_strings;
++		ERR_load_BN_strings;
++		ERR_load_BUF_strings;
++		ERR_load_CONF_strings;
++		ERR_load_DH_strings;
++		ERR_load_DSA_strings;
++		ERR_load_ERR_strings;
++		ERR_load_EVP_strings;
++		ERR_load_OBJ_strings;
++		ERR_load_PEM_strings;
++		ERR_load_PROXY_strings;
++		ERR_load_RSA_strings;
++		ERR_load_X509_strings;
++		ERR_load_crypto_strings;
++		ERR_load_strings;
++		ERR_peek_error;
++		ERR_peek_error_line;
++		ERR_print_errors;
++		ERR_print_errors_fp;
++		ERR_put_error;
++		ERR_reason_error_string;
++		ERR_remove_state;
++		EVP_BytesToKey;
++		EVP_CIPHER_CTX_cleanup;
++		EVP_CipherFinal;
++		EVP_CipherInit;
++		EVP_CipherUpdate;
++		EVP_DecodeBlock;
++		EVP_DecodeFinal;
++		EVP_DecodeInit;
++		EVP_DecodeUpdate;
++		EVP_DecryptFinal;
++		EVP_DecryptInit;
++		EVP_DecryptUpdate;
++		EVP_DigestFinal;
++		EVP_DigestInit;
++		EVP_DigestUpdate;
++		EVP_EncodeBlock;
++		EVP_EncodeFinal;
++		EVP_EncodeInit;
++		EVP_EncodeUpdate;
++		EVP_EncryptFinal;
++		EVP_EncryptInit;
++		EVP_EncryptUpdate;
++		EVP_OpenFinal;
++		EVP_OpenInit;
++		EVP_PKEY_assign;
++		EVP_PKEY_copy_parameters;
++		EVP_PKEY_free;
++		EVP_PKEY_missing_parameters;
++		EVP_PKEY_new;
++		EVP_PKEY_save_parameters;
++		EVP_PKEY_size;
++		EVP_PKEY_type;
++		EVP_SealFinal;
++		EVP_SealInit;
++		EVP_SignFinal;
++		EVP_VerifyFinal;
++		EVP_add_alias;
++		EVP_add_cipher;
++		EVP_add_digest;
++		EVP_bf_cbc;
++		EVP_bf_cfb64;
++		EVP_bf_ecb;
++		EVP_bf_ofb;
++		EVP_cleanup;
++		EVP_des_cbc;
++		EVP_des_cfb64;
++		EVP_des_ecb;
++		EVP_des_ede;
++		EVP_des_ede3;
++		EVP_des_ede3_cbc;
++		EVP_des_ede3_cfb64;
++		EVP_des_ede3_ofb;
++		EVP_des_ede_cbc;
++		EVP_des_ede_cfb64;
++		EVP_des_ede_ofb;
++		EVP_des_ofb;
++		EVP_desx_cbc;
++		EVP_dss;
++		EVP_dss1;
++		EVP_enc_null;
++		EVP_get_cipherbyname;
++		EVP_get_digestbyname;
++		EVP_get_pw_prompt;
++		EVP_idea_cbc;
++		EVP_idea_cfb64;
++		EVP_idea_ecb;
++		EVP_idea_ofb;
++		EVP_md2;
++		EVP_md5;
++		EVP_md_null;
++		EVP_rc2_cbc;
++		EVP_rc2_cfb64;
++		EVP_rc2_ecb;
++		EVP_rc2_ofb;
++		EVP_rc4;
++		EVP_read_pw_string;
++		EVP_set_pw_prompt;
++		EVP_sha;
++		EVP_sha1;
++		MD2;
++		MD2_Final;
++		MD2_Init;
++		MD2_Update;
++		MD2_options;
++		MD5;
++		MD5_Final;
++		MD5_Init;
++		MD5_Update;
++		MDC2;
++		MDC2_Final;
++		MDC2_Init;
++		MDC2_Update;
++		NETSCAPE_SPKAC_free;
++		NETSCAPE_SPKAC_new;
++		NETSCAPE_SPKI_free;
++		NETSCAPE_SPKI_new;
++		NETSCAPE_SPKI_sign;
++		NETSCAPE_SPKI_verify;
++		OBJ_add_object;
++		OBJ_bsearch;
++		OBJ_cleanup;
++		OBJ_cmp;
++		OBJ_create;
++		OBJ_dup;
++		OBJ_ln2nid;
++		OBJ_new_nid;
++		OBJ_nid2ln;
++		OBJ_nid2obj;
++		OBJ_nid2sn;
++		OBJ_obj2nid;
++		OBJ_sn2nid;
++		OBJ_txt2nid;
++		PEM_ASN1_read;
++		PEM_ASN1_read_bio;
++		PEM_ASN1_write;
++		PEM_ASN1_write_bio;
++		PEM_SealFinal;
++		PEM_SealInit;
++		PEM_SealUpdate;
++		PEM_SignFinal;
++		PEM_SignInit;
++		PEM_SignUpdate;
++		PEM_X509_INFO_read;
++		PEM_X509_INFO_read_bio;
++		PEM_X509_INFO_write_bio;
++		PEM_dek_info;
++		PEM_do_header;
++		PEM_get_EVP_CIPHER_INFO;
++		PEM_proc_type;
++		PEM_read;
++		PEM_read_DHparams;
++		PEM_read_DSAPrivateKey;
++		PEM_read_DSAparams;
++		PEM_read_PKCS7;
++		PEM_read_PrivateKey;
++		PEM_read_RSAPrivateKey;
++		PEM_read_X509;
++		PEM_read_X509_CRL;
++		PEM_read_X509_REQ;
++		PEM_read_bio;
++		PEM_read_bio_DHparams;
++		PEM_read_bio_DSAPrivateKey;
++		PEM_read_bio_DSAparams;
++		PEM_read_bio_PKCS7;
++		PEM_read_bio_PrivateKey;
++		PEM_read_bio_RSAPrivateKey;
++		PEM_read_bio_X509;
++		PEM_read_bio_X509_CRL;
++		PEM_read_bio_X509_REQ;
++		PEM_write;
++		PEM_write_DHparams;
++		PEM_write_DSAPrivateKey;
++		PEM_write_DSAparams;
++		PEM_write_PKCS7;
++		PEM_write_PrivateKey;
++		PEM_write_RSAPrivateKey;
++		PEM_write_X509;
++		PEM_write_X509_CRL;
++		PEM_write_X509_REQ;
++		PEM_write_bio;
++		PEM_write_bio_DHparams;
++		PEM_write_bio_DSAPrivateKey;
++		PEM_write_bio_DSAparams;
++		PEM_write_bio_PKCS7;
++		PEM_write_bio_PrivateKey;
++		PEM_write_bio_RSAPrivateKey;
++		PEM_write_bio_X509;
++		PEM_write_bio_X509_CRL;
++		PEM_write_bio_X509_REQ;
++		PKCS7_DIGEST_free;
++		PKCS7_DIGEST_new;
++		PKCS7_ENCRYPT_free;
++		PKCS7_ENCRYPT_new;
++		PKCS7_ENC_CONTENT_free;
++		PKCS7_ENC_CONTENT_new;
++		PKCS7_ENVELOPE_free;
++		PKCS7_ENVELOPE_new;
++		PKCS7_ISSUER_AND_SERIAL_digest;
++		PKCS7_ISSUER_AND_SERIAL_free;
++		PKCS7_ISSUER_AND_SERIAL_new;
++		PKCS7_RECIP_INFO_free;
++		PKCS7_RECIP_INFO_new;
++		PKCS7_SIGNED_free;
++		PKCS7_SIGNED_new;
++		PKCS7_SIGNER_INFO_free;
++		PKCS7_SIGNER_INFO_new;
++		PKCS7_SIGN_ENVELOPE_free;
++		PKCS7_SIGN_ENVELOPE_new;
++		PKCS7_dup;
++		PKCS7_free;
++		PKCS7_new;
++		PROXY_ENTRY_add_noproxy;
++		PROXY_ENTRY_clear_noproxy;
++		PROXY_ENTRY_free;
++		PROXY_ENTRY_get_noproxy;
++		PROXY_ENTRY_new;
++		PROXY_ENTRY_set_server;
++		PROXY_add_noproxy;
++		PROXY_add_server;
++		PROXY_check_by_host;
++		PROXY_check_url;
++		PROXY_clear_noproxy;
++		PROXY_free;
++		PROXY_get_noproxy;
++		PROXY_get_proxies;
++		PROXY_get_proxy_entry;
++		PROXY_load_conf;
++		PROXY_new;
++		PROXY_print;
++		RAND_bytes;
++		RAND_cleanup;
++		RAND_file_name;
++		RAND_load_file;
++		RAND_screen;
++		RAND_seed;
++		RAND_write_file;
++		RC2_cbc_encrypt;
++		RC2_cfb64_encrypt;
++		RC2_ecb_encrypt;
++		RC2_encrypt;
++		RC2_ofb64_encrypt;
++		RC2_set_key;
++		RC4;
++		RC4_options;
++		RC4_set_key;
++		RSAPrivateKey_asn1_meth;
++		RSAPrivateKey_dup;
++		RSAPublicKey_dup;
++		RSA_PKCS1_SSLeay;
++		RSA_free;
++		RSA_generate_key;
++		RSA_new;
++		RSA_new_method;
++		RSA_print;
++		RSA_print_fp;
++		RSA_private_decrypt;
++		RSA_private_encrypt;
++		RSA_public_decrypt;
++		RSA_public_encrypt;
++		RSA_set_default_method;
++		RSA_sign;
++		RSA_sign_ASN1_OCTET_STRING;
++		RSA_size;
++		RSA_verify;
++		RSA_verify_ASN1_OCTET_STRING;
++		SHA;
++		SHA1;
++		SHA1_Final;
++		SHA1_Init;
++		SHA1_Update;
++		SHA_Final;
++		SHA_Init;
++		SHA_Update;
++		OpenSSL_add_all_algorithms;
++		OpenSSL_add_all_ciphers;
++		OpenSSL_add_all_digests;
++		TXT_DB_create_index;
++		TXT_DB_free;
++		TXT_DB_get_by_index;
++		TXT_DB_insert;
++		TXT_DB_read;
++		TXT_DB_write;
++		X509_ALGOR_free;
++		X509_ALGOR_new;
++		X509_ATTRIBUTE_free;
++		X509_ATTRIBUTE_new;
++		X509_CINF_free;
++		X509_CINF_new;
++		X509_CRL_INFO_free;
++		X509_CRL_INFO_new;
++		X509_CRL_add_ext;
++		X509_CRL_cmp;
++		X509_CRL_delete_ext;
++		X509_CRL_dup;
++		X509_CRL_free;
++		X509_CRL_get_ext;
++		X509_CRL_get_ext_by_NID;
++		X509_CRL_get_ext_by_OBJ;
++		X509_CRL_get_ext_by_critical;
++		X509_CRL_get_ext_count;
++		X509_CRL_new;
++		X509_CRL_sign;
++		X509_CRL_verify;
++		X509_EXTENSION_create_by_NID;
++		X509_EXTENSION_create_by_OBJ;
++		X509_EXTENSION_dup;
++		X509_EXTENSION_free;
++		X509_EXTENSION_get_critical;
++		X509_EXTENSION_get_data;
++		X509_EXTENSION_get_object;
++		X509_EXTENSION_new;
++		X509_EXTENSION_set_critical;
++		X509_EXTENSION_set_data;
++		X509_EXTENSION_set_object;
++		X509_INFO_free;
++		X509_INFO_new;
++		X509_LOOKUP_by_alias;
++		X509_LOOKUP_by_fingerprint;
++		X509_LOOKUP_by_issuer_serial;
++		X509_LOOKUP_by_subject;
++		X509_LOOKUP_ctrl;
++		X509_LOOKUP_file;
++		X509_LOOKUP_free;
++		X509_LOOKUP_hash_dir;
++		X509_LOOKUP_init;
++		X509_LOOKUP_new;
++		X509_LOOKUP_shutdown;
++		X509_NAME_ENTRY_create_by_NID;
++		X509_NAME_ENTRY_create_by_OBJ;
++		X509_NAME_ENTRY_dup;
++		X509_NAME_ENTRY_free;
++		X509_NAME_ENTRY_get_data;
++		X509_NAME_ENTRY_get_object;
++		X509_NAME_ENTRY_new;
++		X509_NAME_ENTRY_set_data;
++		X509_NAME_ENTRY_set_object;
++		X509_NAME_add_entry;
++		X509_NAME_cmp;
++		X509_NAME_delete_entry;
++		X509_NAME_digest;
++		X509_NAME_dup;
++		X509_NAME_entry_count;
++		X509_NAME_free;
++		X509_NAME_get_entry;
++		X509_NAME_get_index_by_NID;
++		X509_NAME_get_index_by_OBJ;
++		X509_NAME_get_text_by_NID;
++		X509_NAME_get_text_by_OBJ;
++		X509_NAME_hash;
++		X509_NAME_new;
++		X509_NAME_oneline;
++		X509_NAME_print;
++		X509_NAME_set;
++		X509_OBJECT_free_contents;
++		X509_OBJECT_retrieve_by_subject;
++		X509_OBJECT_up_ref_count;
++		X509_PKEY_free;
++		X509_PKEY_new;
++		X509_PUBKEY_free;
++		X509_PUBKEY_get;
++		X509_PUBKEY_new;
++		X509_PUBKEY_set;
++		X509_REQ_INFO_free;
++		X509_REQ_INFO_new;
++		X509_REQ_dup;
++		X509_REQ_free;
++		X509_REQ_get_pubkey;
++		X509_REQ_new;
++		X509_REQ_print;
++		X509_REQ_print_fp;
++		X509_REQ_set_pubkey;
++		X509_REQ_set_subject_name;
++		X509_REQ_set_version;
++		X509_REQ_sign;
++		X509_REQ_to_X509;
++		X509_REQ_verify;
++		X509_REVOKED_add_ext;
++		X509_REVOKED_delete_ext;
++		X509_REVOKED_free;
++		X509_REVOKED_get_ext;
++		X509_REVOKED_get_ext_by_NID;
++		X509_REVOKED_get_ext_by_OBJ;
++		X509_REVOKED_get_ext_by_critical;
++		X509_REVOKED_get_ext_by_critic;
++		X509_REVOKED_get_ext_count;
++		X509_REVOKED_new;
++		X509_SIG_free;
++		X509_SIG_new;
++		X509_STORE_CTX_cleanup;
++		X509_STORE_CTX_init;
++		X509_STORE_add_cert;
++		X509_STORE_add_lookup;
++		X509_STORE_free;
++		X509_STORE_get_by_subject;
++		X509_STORE_load_locations;
++		X509_STORE_new;
++		X509_STORE_set_default_paths;
++		X509_VAL_free;
++		X509_VAL_new;
++		X509_add_ext;
++		X509_asn1_meth;
++		X509_certificate_type;
++		X509_check_private_key;
++		X509_cmp_current_time;
++		X509_delete_ext;
++		X509_digest;
++		X509_dup;
++		X509_free;
++		X509_get_default_cert_area;
++		X509_get_default_cert_dir;
++		X509_get_default_cert_dir_env;
++		X509_get_default_cert_file;
++		X509_get_default_cert_file_env;
++		X509_get_default_private_dir;
++		X509_get_ext;
++		X509_get_ext_by_NID;
++		X509_get_ext_by_OBJ;
++		X509_get_ext_by_critical;
++		X509_get_ext_count;
++		X509_get_issuer_name;
++		X509_get_pubkey;
++		X509_get_pubkey_parameters;
++		X509_get_serialNumber;
++		X509_get_subject_name;
++		X509_gmtime_adj;
++		X509_issuer_and_serial_cmp;
++		X509_issuer_and_serial_hash;
++		X509_issuer_name_cmp;
++		X509_issuer_name_hash;
++		X509_load_cert_file;
++		X509_new;
++		X509_print;
++		X509_print_fp;
++		X509_set_issuer_name;
++		X509_set_notAfter;
++		X509_set_notBefore;
++		X509_set_pubkey;
++		X509_set_serialNumber;
++		X509_set_subject_name;
++		X509_set_version;
++		X509_sign;
++		X509_subject_name_cmp;
++		X509_subject_name_hash;
++		X509_to_X509_REQ;
++		X509_verify;
++		X509_verify_cert;
++		X509_verify_cert_error_string;
++		X509v3_add_ext;
++		X509v3_add_extension;
++		X509v3_add_netscape_extensions;
++		X509v3_add_standard_extensions;
++		X509v3_cleanup_extensions;
++		X509v3_data_type_by_NID;
++		X509v3_data_type_by_OBJ;
++		X509v3_delete_ext;
++		X509v3_get_ext;
++		X509v3_get_ext_by_NID;
++		X509v3_get_ext_by_OBJ;
++		X509v3_get_ext_by_critical;
++		X509v3_get_ext_count;
++		X509v3_pack_string;
++		X509v3_pack_type_by_NID;
++		X509v3_pack_type_by_OBJ;
++		X509v3_unpack_string;
++		_des_crypt;
++		a2d_ASN1_OBJECT;
++		a2i_ASN1_INTEGER;
++		a2i_ASN1_STRING;
++		asn1_Finish;
++		asn1_GetSequence;
++		bn_div_words;
++		bn_expand2;
++		bn_mul_add_words;
++		bn_mul_words;
++		BN_uadd;
++		BN_usub;
++		bn_sqr_words;
++		_ossl_old_crypt;
++		d2i_ASN1_BIT_STRING;
++		d2i_ASN1_BOOLEAN;
++		d2i_ASN1_HEADER;
++		d2i_ASN1_IA5STRING;
++		d2i_ASN1_INTEGER;
++		d2i_ASN1_OBJECT;
++		d2i_ASN1_OCTET_STRING;
++		d2i_ASN1_PRINTABLE;
++		d2i_ASN1_PRINTABLESTRING;
++		d2i_ASN1_SET;
++		d2i_ASN1_T61STRING;
++		d2i_ASN1_TYPE;
++		d2i_ASN1_UTCTIME;
++		d2i_ASN1_bytes;
++		d2i_ASN1_type_bytes;
++		d2i_DHparams;
++		d2i_DSAPrivateKey;
++		d2i_DSAPrivateKey_bio;
++		d2i_DSAPrivateKey_fp;
++		d2i_DSAPublicKey;
++		d2i_DSAparams;
++		d2i_NETSCAPE_SPKAC;
++		d2i_NETSCAPE_SPKI;
++		d2i_Netscape_RSA;
++		d2i_PKCS7;
++		d2i_PKCS7_DIGEST;
++		d2i_PKCS7_ENCRYPT;
++		d2i_PKCS7_ENC_CONTENT;
++		d2i_PKCS7_ENVELOPE;
++		d2i_PKCS7_ISSUER_AND_SERIAL;
++		d2i_PKCS7_RECIP_INFO;
++		d2i_PKCS7_SIGNED;
++		d2i_PKCS7_SIGNER_INFO;
++		d2i_PKCS7_SIGN_ENVELOPE;
++		d2i_PKCS7_bio;
++		d2i_PKCS7_fp;
++		d2i_PrivateKey;
++		d2i_PublicKey;
++		d2i_RSAPrivateKey;
++		d2i_RSAPrivateKey_bio;
++		d2i_RSAPrivateKey_fp;
++		d2i_RSAPublicKey;
++		d2i_X509;
++		d2i_X509_ALGOR;
++		d2i_X509_ATTRIBUTE;
++		d2i_X509_CINF;
++		d2i_X509_CRL;
++		d2i_X509_CRL_INFO;
++		d2i_X509_CRL_bio;
++		d2i_X509_CRL_fp;
++		d2i_X509_EXTENSION;
++		d2i_X509_NAME;
++		d2i_X509_NAME_ENTRY;
++		d2i_X509_PKEY;
++		d2i_X509_PUBKEY;
++		d2i_X509_REQ;
++		d2i_X509_REQ_INFO;
++		d2i_X509_REQ_bio;
++		d2i_X509_REQ_fp;
++		d2i_X509_REVOKED;
++		d2i_X509_SIG;
++		d2i_X509_VAL;
++		d2i_X509_bio;
++		d2i_X509_fp;
++		DES_cbc_cksum;
++		DES_cbc_encrypt;
++		DES_cblock_print_file;
++		DES_cfb64_encrypt;
++		DES_cfb_encrypt;
++		DES_decrypt3;
++		DES_ecb3_encrypt;
++		DES_ecb_encrypt;
++		DES_ede3_cbc_encrypt;
++		DES_ede3_cfb64_encrypt;
++		DES_ede3_ofb64_encrypt;
++		DES_enc_read;
++		DES_enc_write;
++		DES_encrypt1;
++		DES_encrypt2;
++		DES_encrypt3;
++		DES_fcrypt;
++		DES_is_weak_key;
++		DES_key_sched;
++		DES_ncbc_encrypt;
++		DES_ofb64_encrypt;
++		DES_ofb_encrypt;
++		DES_options;
++		DES_pcbc_encrypt;
++		DES_quad_cksum;
++		DES_random_key;
++		_ossl_old_des_random_seed;
++		_ossl_old_des_read_2passwords;
++		_ossl_old_des_read_password;
++		_ossl_old_des_read_pw;
++		_ossl_old_des_read_pw_string;
++		DES_set_key;
++		DES_set_odd_parity;
++		DES_string_to_2keys;
++		DES_string_to_key;
++		DES_xcbc_encrypt;
++		DES_xwhite_in2out;
++		fcrypt_body;
++		i2a_ASN1_INTEGER;
++		i2a_ASN1_OBJECT;
++		i2a_ASN1_STRING;
++		i2d_ASN1_BIT_STRING;
++		i2d_ASN1_BOOLEAN;
++		i2d_ASN1_HEADER;
++		i2d_ASN1_IA5STRING;
++		i2d_ASN1_INTEGER;
++		i2d_ASN1_OBJECT;
++		i2d_ASN1_OCTET_STRING;
++		i2d_ASN1_PRINTABLE;
++		i2d_ASN1_SET;
++		i2d_ASN1_TYPE;
++		i2d_ASN1_UTCTIME;
++		i2d_ASN1_bytes;
++		i2d_DHparams;
++		i2d_DSAPrivateKey;
++		i2d_DSAPrivateKey_bio;
++		i2d_DSAPrivateKey_fp;
++		i2d_DSAPublicKey;
++		i2d_DSAparams;
++		i2d_NETSCAPE_SPKAC;
++		i2d_NETSCAPE_SPKI;
++		i2d_Netscape_RSA;
++		i2d_PKCS7;
++		i2d_PKCS7_DIGEST;
++		i2d_PKCS7_ENCRYPT;
++		i2d_PKCS7_ENC_CONTENT;
++		i2d_PKCS7_ENVELOPE;
++		i2d_PKCS7_ISSUER_AND_SERIAL;
++		i2d_PKCS7_RECIP_INFO;
++		i2d_PKCS7_SIGNED;
++		i2d_PKCS7_SIGNER_INFO;
++		i2d_PKCS7_SIGN_ENVELOPE;
++		i2d_PKCS7_bio;
++		i2d_PKCS7_fp;
++		i2d_PrivateKey;
++		i2d_PublicKey;
++		i2d_RSAPrivateKey;
++		i2d_RSAPrivateKey_bio;
++		i2d_RSAPrivateKey_fp;
++		i2d_RSAPublicKey;
++		i2d_X509;
++		i2d_X509_ALGOR;
++		i2d_X509_ATTRIBUTE;
++		i2d_X509_CINF;
++		i2d_X509_CRL;
++		i2d_X509_CRL_INFO;
++		i2d_X509_CRL_bio;
++		i2d_X509_CRL_fp;
++		i2d_X509_EXTENSION;
++		i2d_X509_NAME;
++		i2d_X509_NAME_ENTRY;
++		i2d_X509_PKEY;
++		i2d_X509_PUBKEY;
++		i2d_X509_REQ;
++		i2d_X509_REQ_INFO;
++		i2d_X509_REQ_bio;
++		i2d_X509_REQ_fp;
++		i2d_X509_REVOKED;
++		i2d_X509_SIG;
++		i2d_X509_VAL;
++		i2d_X509_bio;
++		i2d_X509_fp;
++		idea_cbc_encrypt;
++		idea_cfb64_encrypt;
++		idea_ecb_encrypt;
++		idea_encrypt;
++		idea_ofb64_encrypt;
++		idea_options;
++		idea_set_decrypt_key;
++		idea_set_encrypt_key;
++		lh_delete;
++		lh_doall;
++		lh_doall_arg;
++		lh_free;
++		lh_insert;
++		lh_new;
++		lh_node_stats;
++		lh_node_stats_bio;
++		lh_node_usage_stats;
++		lh_node_usage_stats_bio;
++		lh_retrieve;
++		lh_stats;
++		lh_stats_bio;
++		lh_strhash;
++		sk_delete;
++		sk_delete_ptr;
++		sk_dup;
++		sk_find;
++		sk_free;
++		sk_insert;
++		sk_new;
++		sk_pop;
++		sk_pop_free;
++		sk_push;
++		sk_set_cmp_func;
++		sk_shift;
++		sk_unshift;
++		sk_zero;
++		BIO_f_nbio_test;
++		ASN1_TYPE_get;
++		ASN1_TYPE_set;
++		PKCS7_content_free;
++		ERR_load_PKCS7_strings;
++		X509_find_by_issuer_and_serial;
++		X509_find_by_subject;
++		PKCS7_ctrl;
++		PKCS7_set_type;
++		PKCS7_set_content;
++		PKCS7_SIGNER_INFO_set;
++		PKCS7_add_signer;
++		PKCS7_add_certificate;
++		PKCS7_add_crl;
++		PKCS7_content_new;
++		PKCS7_dataSign;
++		PKCS7_dataVerify;
++		PKCS7_dataInit;
++		PKCS7_add_signature;
++		PKCS7_cert_from_signer_info;
++		PKCS7_get_signer_info;
++		EVP_delete_alias;
++		EVP_mdc2;
++		PEM_read_bio_RSAPublicKey;
++		PEM_write_bio_RSAPublicKey;
++		d2i_RSAPublicKey_bio;
++		i2d_RSAPublicKey_bio;
++		PEM_read_RSAPublicKey;
++		PEM_write_RSAPublicKey;
++		d2i_RSAPublicKey_fp;
++		i2d_RSAPublicKey_fp;
++		BIO_copy_next_retry;
++		RSA_flags;
++		X509_STORE_add_crl;
++		X509_load_crl_file;
++		EVP_rc2_40_cbc;
++		EVP_rc4_40;
++		EVP_CIPHER_CTX_init;
++		HMAC;
++		HMAC_Init;
++		HMAC_Update;
++		HMAC_Final;
++		ERR_get_next_error_library;
++		EVP_PKEY_cmp_parameters;
++		HMAC_cleanup;
++		BIO_ptr_ctrl;
++		BIO_new_file_internal;
++		BIO_new_fp_internal;
++		BIO_s_file_internal;
++		BN_BLINDING_convert;
++		BN_BLINDING_invert;
++		BN_BLINDING_update;
++		RSA_blinding_on;
++		RSA_blinding_off;
++		i2t_ASN1_OBJECT;
++		BN_BLINDING_new;
++		BN_BLINDING_free;
++		EVP_cast5_cbc;
++		EVP_cast5_cfb64;
++		EVP_cast5_ecb;
++		EVP_cast5_ofb;
++		BF_decrypt;
++		CAST_set_key;
++		CAST_encrypt;
++		CAST_decrypt;
++		CAST_ecb_encrypt;
++		CAST_cbc_encrypt;
++		CAST_cfb64_encrypt;
++		CAST_ofb64_encrypt;
++		RC2_decrypt;
++		OBJ_create_objects;
++		BN_exp;
++		BN_mul_word;
++		BN_sub_word;
++		BN_dec2bn;
++		BN_bn2dec;
++		BIO_ghbn_ctrl;
++		CRYPTO_free_ex_data;
++		CRYPTO_get_ex_data;
++		CRYPTO_set_ex_data;
++		ERR_load_CRYPTO_strings;
++		ERR_load_CRYPTOlib_strings;
++		EVP_PKEY_bits;
++		MD5_Transform;
++		SHA1_Transform;
++		SHA_Transform;
++		X509_STORE_CTX_get_chain;
++		X509_STORE_CTX_get_current_cert;
++		X509_STORE_CTX_get_error;
++		X509_STORE_CTX_get_error_depth;
++		X509_STORE_CTX_get_ex_data;
++		X509_STORE_CTX_set_cert;
++		X509_STORE_CTX_set_chain;
++		X509_STORE_CTX_set_error;
++		X509_STORE_CTX_set_ex_data;
++		CRYPTO_dup_ex_data;
++		CRYPTO_get_new_lockid;
++		CRYPTO_new_ex_data;
++		RSA_set_ex_data;
++		RSA_get_ex_data;
++		RSA_get_ex_new_index;
++		RSA_padding_add_PKCS1_type_1;
++		RSA_padding_add_PKCS1_type_2;
++		RSA_padding_add_SSLv23;
++		RSA_padding_add_none;
++		RSA_padding_check_PKCS1_type_1;
++		RSA_padding_check_PKCS1_type_2;
++		RSA_padding_check_SSLv23;
++		RSA_padding_check_none;
++		bn_add_words;
++		d2i_Netscape_RSA_2;
++		CRYPTO_get_ex_new_index;
++		RIPEMD160_Init;
++		RIPEMD160_Update;
++		RIPEMD160_Final;
++		RIPEMD160;
++		RIPEMD160_Transform;
++		RC5_32_set_key;
++		RC5_32_ecb_encrypt;
++		RC5_32_encrypt;
++		RC5_32_decrypt;
++		RC5_32_cbc_encrypt;
++		RC5_32_cfb64_encrypt;
++		RC5_32_ofb64_encrypt;
++		BN_bn2mpi;
++		BN_mpi2bn;
++		ASN1_BIT_STRING_get_bit;
++		ASN1_BIT_STRING_set_bit;
++		BIO_get_ex_data;
++		BIO_get_ex_new_index;
++		BIO_set_ex_data;
++		X509v3_get_key_usage;
++		X509v3_set_key_usage;
++		a2i_X509v3_key_usage;
++		i2a_X509v3_key_usage;
++		EVP_PKEY_decrypt;
++		EVP_PKEY_encrypt;
++		PKCS7_RECIP_INFO_set;
++		PKCS7_add_recipient;
++		PKCS7_add_recipient_info;
++		PKCS7_set_cipher;
++		ASN1_TYPE_get_int_octetstring;
++		ASN1_TYPE_get_octetstring;
++		ASN1_TYPE_set_int_octetstring;
++		ASN1_TYPE_set_octetstring;
++		ASN1_UTCTIME_set_string;
++		ERR_add_error_data;
++		ERR_set_error_data;
++		EVP_CIPHER_asn1_to_param;
++		EVP_CIPHER_param_to_asn1;
++		EVP_CIPHER_get_asn1_iv;
++		EVP_CIPHER_set_asn1_iv;
++		EVP_rc5_32_12_16_cbc;
++		EVP_rc5_32_12_16_cfb64;
++		EVP_rc5_32_12_16_ecb;
++		EVP_rc5_32_12_16_ofb;
++		asn1_add_error;
++		d2i_ASN1_BMPSTRING;
++		i2d_ASN1_BMPSTRING;
++		BIO_f_ber;
++		BN_init;
++		COMP_CTX_new;
++		COMP_CTX_free;
++		COMP_CTX_compress_block;
++		COMP_CTX_expand_block;
++		X509_STORE_CTX_get_ex_new_index;
++		OBJ_NAME_add;
++		BIO_socket_nbio;
++		EVP_rc2_64_cbc;
++		OBJ_NAME_cleanup;
++		OBJ_NAME_get;
++		OBJ_NAME_init;
++		OBJ_NAME_new_index;
++		OBJ_NAME_remove;
++		BN_MONT_CTX_copy;
++		BIO_new_socks4a_connect;
++		BIO_s_socks4a_connect;
++		PROXY_set_connect_mode;
++		RAND_SSLeay;
++		RAND_set_rand_method;
++		RSA_memory_lock;
++		bn_sub_words;
++		bn_mul_normal;
++		bn_mul_comba8;
++		bn_mul_comba4;
++		bn_sqr_normal;
++		bn_sqr_comba8;
++		bn_sqr_comba4;
++		bn_cmp_words;
++		bn_mul_recursive;
++		bn_mul_part_recursive;
++		bn_sqr_recursive;
++		bn_mul_low_normal;
++		BN_RECP_CTX_init;
++		BN_RECP_CTX_new;
++		BN_RECP_CTX_free;
++		BN_RECP_CTX_set;
++		BN_mod_mul_reciprocal;
++		BN_mod_exp_recp;
++		BN_div_recp;
++		BN_CTX_init;
++		BN_MONT_CTX_init;
++		RAND_get_rand_method;
++		PKCS7_add_attribute;
++		PKCS7_add_signed_attribute;
++		PKCS7_digest_from_attributes;
++		PKCS7_get_attribute;
++		PKCS7_get_issuer_and_serial;
++		PKCS7_get_signed_attribute;
++		COMP_compress_block;
++		COMP_expand_block;
++		COMP_rle;
++		COMP_zlib;
++		ms_time_diff;
++		ms_time_new;
++		ms_time_free;
++		ms_time_cmp;
++		ms_time_get;
++		PKCS7_set_attributes;
++		PKCS7_set_signed_attributes;
++		X509_ATTRIBUTE_create;
++		X509_ATTRIBUTE_dup;
++		ASN1_GENERALIZEDTIME_check;
++		ASN1_GENERALIZEDTIME_print;
++		ASN1_GENERALIZEDTIME_set;
++		ASN1_GENERALIZEDTIME_set_string;
++		ASN1_TIME_print;
++		BASIC_CONSTRAINTS_free;
++		BASIC_CONSTRAINTS_new;
++		ERR_load_X509V3_strings;
++		NETSCAPE_CERT_SEQUENCE_free;
++		NETSCAPE_CERT_SEQUENCE_new;
++		OBJ_txt2obj;
++		PEM_read_NETSCAPE_CERT_SEQUENCE;
++		PEM_read_NS_CERT_SEQ;
++		PEM_read_bio_NETSCAPE_CERT_SEQUENCE;
++		PEM_read_bio_NS_CERT_SEQ;
++		PEM_write_NETSCAPE_CERT_SEQUENCE;
++		PEM_write_NS_CERT_SEQ;
++		PEM_write_bio_NETSCAPE_CERT_SEQUENCE;
++		PEM_write_bio_NS_CERT_SEQ;
++		X509V3_EXT_add;
++		X509V3_EXT_add_alias;
++		X509V3_EXT_add_conf;
++		X509V3_EXT_cleanup;
++		X509V3_EXT_conf;
++		X509V3_EXT_conf_nid;
++		X509V3_EXT_get;
++		X509V3_EXT_get_nid;
++		X509V3_EXT_print;
++		X509V3_EXT_print_fp;
++		X509V3_add_standard_extensions;
++		X509V3_add_value;
++		X509V3_add_value_bool;
++		X509V3_add_value_int;
++		X509V3_conf_free;
++		X509V3_get_value_bool;
++		X509V3_get_value_int;
++		X509V3_parse_list;
++		d2i_ASN1_GENERALIZEDTIME;
++		d2i_ASN1_TIME;
++		d2i_BASIC_CONSTRAINTS;
++		d2i_NETSCAPE_CERT_SEQUENCE;
++		d2i_ext_ku;
++		ext_ku_free;
++		ext_ku_new;
++		i2d_ASN1_GENERALIZEDTIME;
++		i2d_ASN1_TIME;
++		i2d_BASIC_CONSTRAINTS;
++		i2d_NETSCAPE_CERT_SEQUENCE;
++		i2d_ext_ku;
++		EVP_MD_CTX_copy;
++		i2d_ASN1_ENUMERATED;
++		d2i_ASN1_ENUMERATED;
++		ASN1_ENUMERATED_set;
++		ASN1_ENUMERATED_get;
++		BN_to_ASN1_ENUMERATED;
++		ASN1_ENUMERATED_to_BN;
++		i2a_ASN1_ENUMERATED;
++		a2i_ASN1_ENUMERATED;
++		i2d_GENERAL_NAME;
++		d2i_GENERAL_NAME;
++		GENERAL_NAME_new;
++		GENERAL_NAME_free;
++		GENERAL_NAMES_new;
++		GENERAL_NAMES_free;
++		d2i_GENERAL_NAMES;
++		i2d_GENERAL_NAMES;
++		i2v_GENERAL_NAMES;
++		i2s_ASN1_OCTET_STRING;
++		s2i_ASN1_OCTET_STRING;
++		X509V3_EXT_check_conf;
++		hex_to_string;
++		string_to_hex;
++		DES_ede3_cbcm_encrypt;
++		RSA_padding_add_PKCS1_OAEP;
++		RSA_padding_check_PKCS1_OAEP;
++		X509_CRL_print_fp;
++		X509_CRL_print;
++		i2v_GENERAL_NAME;
++		v2i_GENERAL_NAME;
++		i2d_PKEY_USAGE_PERIOD;
++		d2i_PKEY_USAGE_PERIOD;
++		PKEY_USAGE_PERIOD_new;
++		PKEY_USAGE_PERIOD_free;
++		v2i_GENERAL_NAMES;
++		i2s_ASN1_INTEGER;
++		X509V3_EXT_d2i;
++		name_cmp;
++		str_dup;
++		i2s_ASN1_ENUMERATED;
++		i2s_ASN1_ENUMERATED_TABLE;
++		BIO_s_log;
++		BIO_f_reliable;
++		PKCS7_dataFinal;
++		PKCS7_dataDecode;
++		X509V3_EXT_CRL_add_conf;
++		BN_set_params;
++		BN_get_params;
++		BIO_get_ex_num;
++		BIO_set_ex_free_func;
++		EVP_ripemd160;
++		ASN1_TIME_set;
++		i2d_AUTHORITY_KEYID;
++		d2i_AUTHORITY_KEYID;
++		AUTHORITY_KEYID_new;
++		AUTHORITY_KEYID_free;
++		ASN1_seq_unpack;
++		ASN1_seq_pack;
++		ASN1_unpack_string;
++		ASN1_pack_string;
++		PKCS12_pack_safebag;
++		PKCS12_MAKE_KEYBAG;
++		PKCS8_encrypt;
++		PKCS12_MAKE_SHKEYBAG;
++		PKCS12_pack_p7data;
++		PKCS12_pack_p7encdata;
++		PKCS12_add_localkeyid;
++		PKCS12_add_friendlyname_asc;
++		PKCS12_add_friendlyname_uni;
++		PKCS12_get_friendlyname;
++		PKCS12_pbe_crypt;
++		PKCS12_decrypt_d2i;
++		PKCS12_i2d_encrypt;
++		PKCS12_init;
++		PKCS12_key_gen_asc;
++		PKCS12_key_gen_uni;
++		PKCS12_gen_mac;
++		PKCS12_verify_mac;
++		PKCS12_set_mac;
++		PKCS12_setup_mac;
++		OPENSSL_asc2uni;
++		OPENSSL_uni2asc;
++		i2d_PKCS12_BAGS;
++		PKCS12_BAGS_new;
++		d2i_PKCS12_BAGS;
++		PKCS12_BAGS_free;
++		i2d_PKCS12;
++		d2i_PKCS12;
++		PKCS12_new;
++		PKCS12_free;
++		i2d_PKCS12_MAC_DATA;
++		PKCS12_MAC_DATA_new;
++		d2i_PKCS12_MAC_DATA;
++		PKCS12_MAC_DATA_free;
++		i2d_PKCS12_SAFEBAG;
++		PKCS12_SAFEBAG_new;
++		d2i_PKCS12_SAFEBAG;
++		PKCS12_SAFEBAG_free;
++		ERR_load_PKCS12_strings;
++		PKCS12_PBE_add;
++		PKCS8_add_keyusage;
++		PKCS12_get_attr_gen;
++		PKCS12_parse;
++		PKCS12_create;
++		i2d_PKCS12_bio;
++		i2d_PKCS12_fp;
++		d2i_PKCS12_bio;
++		d2i_PKCS12_fp;
++		i2d_PBEPARAM;
++		PBEPARAM_new;
++		d2i_PBEPARAM;
++		PBEPARAM_free;
++		i2d_PKCS8_PRIV_KEY_INFO;
++		PKCS8_PRIV_KEY_INFO_new;
++		d2i_PKCS8_PRIV_KEY_INFO;
++		PKCS8_PRIV_KEY_INFO_free;
++		EVP_PKCS82PKEY;
++		EVP_PKEY2PKCS8;
++		PKCS8_set_broken;
++		EVP_PBE_ALGOR_CipherInit;
++		EVP_PBE_alg_add;
++		PKCS5_pbe_set;
++		EVP_PBE_cleanup;
++		i2d_SXNET;
++		d2i_SXNET;
++		SXNET_new;
++		SXNET_free;
++		i2d_SXNETID;
++		d2i_SXNETID;
++		SXNETID_new;
++		SXNETID_free;
++		DSA_SIG_new;
++		DSA_SIG_free;
++		DSA_do_sign;
++		DSA_do_verify;
++		d2i_DSA_SIG;
++		i2d_DSA_SIG;
++		i2d_ASN1_VISIBLESTRING;
++		d2i_ASN1_VISIBLESTRING;
++		i2d_ASN1_UTF8STRING;
++		d2i_ASN1_UTF8STRING;
++		i2d_DIRECTORYSTRING;
++		d2i_DIRECTORYSTRING;
++		i2d_DISPLAYTEXT;
++		d2i_DISPLAYTEXT;
++		d2i_ASN1_SET_OF_X509;
++		i2d_ASN1_SET_OF_X509;
++		i2d_PBKDF2PARAM;
++		PBKDF2PARAM_new;
++		d2i_PBKDF2PARAM;
++		PBKDF2PARAM_free;
++		i2d_PBE2PARAM;
++		PBE2PARAM_new;
++		d2i_PBE2PARAM;
++		PBE2PARAM_free;
++		d2i_ASN1_SET_OF_GENERAL_NAME;
++		i2d_ASN1_SET_OF_GENERAL_NAME;
++		d2i_ASN1_SET_OF_SXNETID;
++		i2d_ASN1_SET_OF_SXNETID;
++		d2i_ASN1_SET_OF_POLICYQUALINFO;
++		i2d_ASN1_SET_OF_POLICYQUALINFO;
++		d2i_ASN1_SET_OF_POLICYINFO;
++		i2d_ASN1_SET_OF_POLICYINFO;
++		SXNET_add_id_asc;
++		SXNET_add_id_ulong;
++		SXNET_add_id_INTEGER;
++		SXNET_get_id_asc;
++		SXNET_get_id_ulong;
++		SXNET_get_id_INTEGER;
++		X509V3_set_conf_lhash;
++		i2d_CERTIFICATEPOLICIES;
++		CERTIFICATEPOLICIES_new;
++		CERTIFICATEPOLICIES_free;
++		d2i_CERTIFICATEPOLICIES;
++		i2d_POLICYINFO;
++		POLICYINFO_new;
++		d2i_POLICYINFO;
++		POLICYINFO_free;
++		i2d_POLICYQUALINFO;
++		POLICYQUALINFO_new;
++		d2i_POLICYQUALINFO;
++		POLICYQUALINFO_free;
++		i2d_USERNOTICE;
++		USERNOTICE_new;
++		d2i_USERNOTICE;
++		USERNOTICE_free;
++		i2d_NOTICEREF;
++		NOTICEREF_new;
++		d2i_NOTICEREF;
++		NOTICEREF_free;
++		X509V3_get_string;
++		X509V3_get_section;
++		X509V3_string_free;
++		X509V3_section_free;
++		X509V3_set_ctx;
++		s2i_ASN1_INTEGER;
++		CRYPTO_set_locked_mem_functions;
++		CRYPTO_get_locked_mem_functions;
++		CRYPTO_malloc_locked;
++		CRYPTO_free_locked;
++		BN_mod_exp2_mont;
++		ERR_get_error_line_data;
++		ERR_peek_error_line_data;
++		PKCS12_PBE_keyivgen;
++		X509_ALGOR_dup;
++		d2i_ASN1_SET_OF_DIST_POINT;
++		i2d_ASN1_SET_OF_DIST_POINT;
++		i2d_CRL_DIST_POINTS;
++		CRL_DIST_POINTS_new;
++		CRL_DIST_POINTS_free;
++		d2i_CRL_DIST_POINTS;
++		i2d_DIST_POINT;
++		DIST_POINT_new;
++		d2i_DIST_POINT;
++		DIST_POINT_free;
++		i2d_DIST_POINT_NAME;
++		DIST_POINT_NAME_new;
++		DIST_POINT_NAME_free;
++		d2i_DIST_POINT_NAME;
++		X509V3_add_value_uchar;
++		d2i_ASN1_SET_OF_X509_ATTRIBUTE;
++		i2d_ASN1_SET_OF_ASN1_TYPE;
++		d2i_ASN1_SET_OF_X509_EXTENSION;
++		d2i_ASN1_SET_OF_X509_NAME_ENTRY;
++		d2i_ASN1_SET_OF_ASN1_TYPE;
++		i2d_ASN1_SET_OF_X509_ATTRIBUTE;
++		i2d_ASN1_SET_OF_X509_EXTENSION;
++		i2d_ASN1_SET_OF_X509_NAME_ENTRY;
++		X509V3_EXT_i2d;
++		X509V3_EXT_val_prn;
++		X509V3_EXT_add_list;
++		EVP_CIPHER_type;
++		EVP_PBE_CipherInit;
++		X509V3_add_value_bool_nf;
++		d2i_ASN1_UINTEGER;
++		sk_value;
++		sk_num;
++		sk_set;
++		i2d_ASN1_SET_OF_X509_REVOKED;
++		sk_sort;
++		d2i_ASN1_SET_OF_X509_REVOKED;
++		i2d_ASN1_SET_OF_X509_ALGOR;
++		i2d_ASN1_SET_OF_X509_CRL;
++		d2i_ASN1_SET_OF_X509_ALGOR;
++		d2i_ASN1_SET_OF_X509_CRL;
++		i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO;
++		i2d_ASN1_SET_OF_PKCS7_RECIP_INFO;
++		d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO;
++		d2i_ASN1_SET_OF_PKCS7_RECIP_INFO;
++		PKCS5_PBE_add;
++		PEM_write_bio_PKCS8;
++		i2d_PKCS8_fp;
++		PEM_read_bio_PKCS8_PRIV_KEY_INFO;
++		PEM_read_bio_P8_PRIV_KEY_INFO;
++		d2i_PKCS8_bio;
++		d2i_PKCS8_PRIV_KEY_INFO_fp;
++		PEM_write_bio_PKCS8_PRIV_KEY_INFO;
++		PEM_write_bio_P8_PRIV_KEY_INFO;
++		PEM_read_PKCS8;
++		d2i_PKCS8_PRIV_KEY_INFO_bio;
++		d2i_PKCS8_fp;
++		PEM_write_PKCS8;
++		PEM_read_PKCS8_PRIV_KEY_INFO;
++		PEM_read_P8_PRIV_KEY_INFO;
++		PEM_read_bio_PKCS8;
++		PEM_write_PKCS8_PRIV_KEY_INFO;
++		PEM_write_P8_PRIV_KEY_INFO;
++		PKCS5_PBE_keyivgen;
++		i2d_PKCS8_bio;
++		i2d_PKCS8_PRIV_KEY_INFO_fp;
++		i2d_PKCS8_PRIV_KEY_INFO_bio;
++		BIO_s_bio;
++		PKCS5_pbe2_set;
++		PKCS5_PBKDF2_HMAC_SHA1;
++		PKCS5_v2_PBE_keyivgen;
++		PEM_write_bio_PKCS8PrivateKey;
++		PEM_write_PKCS8PrivateKey;
++		BIO_ctrl_get_read_request;
++		BIO_ctrl_pending;
++		BIO_ctrl_wpending;
++		BIO_new_bio_pair;
++		BIO_ctrl_get_write_guarantee;
++		CRYPTO_num_locks;
++		CONF_load_bio;
++		CONF_load_fp;
++		i2d_ASN1_SET_OF_ASN1_OBJECT;
++		d2i_ASN1_SET_OF_ASN1_OBJECT;
++		PKCS7_signatureVerify;
++		RSA_set_method;
++		RSA_get_method;
++		RSA_get_default_method;
++		RSA_check_key;
++		OBJ_obj2txt;
++		DSA_dup_DH;
++		X509_REQ_get_extensions;
++		X509_REQ_set_extension_nids;
++		BIO_nwrite;
++		X509_REQ_extension_nid;
++		BIO_nread;
++		X509_REQ_get_extension_nids;
++		BIO_nwrite0;
++		X509_REQ_add_extensions_nid;
++		BIO_nread0;
++		X509_REQ_add_extensions;
++		BIO_new_mem_buf;
++		DH_set_ex_data;
++		DH_set_method;
++		DSA_OpenSSL;
++		DH_get_ex_data;
++		DH_get_ex_new_index;
++		DSA_new_method;
++		DH_new_method;
++		DH_OpenSSL;
++		DSA_get_ex_new_index;
++		DH_get_default_method;
++		DSA_set_ex_data;
++		DH_set_default_method;
++		DSA_get_ex_data;
++		X509V3_EXT_REQ_add_conf;
++		NETSCAPE_SPKI_print;
++		NETSCAPE_SPKI_set_pubkey;
++		NETSCAPE_SPKI_b64_encode;
++		NETSCAPE_SPKI_get_pubkey;
++		NETSCAPE_SPKI_b64_decode;
++		UTF8_putc;
++		UTF8_getc;
++		RSA_null_method;
++		ASN1_tag2str;
++		BIO_ctrl_reset_read_request;
++		DISPLAYTEXT_new;
++		ASN1_GENERALIZEDTIME_free;
++		X509_REVOKED_get_ext_d2i;
++		X509_set_ex_data;
++		X509_reject_set_bit_asc;
++		X509_NAME_add_entry_by_txt;
++		X509_NAME_add_entry_by_NID;
++		X509_PURPOSE_get0;
++		PEM_read_X509_AUX;
++		d2i_AUTHORITY_INFO_ACCESS;
++		PEM_write_PUBKEY;
++		ACCESS_DESCRIPTION_new;
++		X509_CERT_AUX_free;
++		d2i_ACCESS_DESCRIPTION;
++		X509_trust_clear;
++		X509_TRUST_add;
++		ASN1_VISIBLESTRING_new;
++		X509_alias_set1;
++		ASN1_PRINTABLESTRING_free;
++		EVP_PKEY_get1_DSA;
++		ASN1_BMPSTRING_new;
++		ASN1_mbstring_copy;
++		ASN1_UTF8STRING_new;
++		DSA_get_default_method;
++		i2d_ASN1_SET_OF_ACCESS_DESCRIPTION;
++		ASN1_T61STRING_free;
++		DSA_set_method;
++		X509_get_ex_data;
++		ASN1_STRING_type;
++		X509_PURPOSE_get_by_sname;
++		ASN1_TIME_free;
++		ASN1_OCTET_STRING_cmp;
++		ASN1_BIT_STRING_new;
++		X509_get_ext_d2i;
++		PEM_read_bio_X509_AUX;
++		ASN1_STRING_set_default_mask_asc;
++		ASN1_STRING_set_def_mask_asc;
++		PEM_write_bio_RSA_PUBKEY;
++		ASN1_INTEGER_cmp;
++		d2i_RSA_PUBKEY_fp;
++		X509_trust_set_bit_asc;
++		PEM_write_bio_DSA_PUBKEY;
++		X509_STORE_CTX_free;
++		EVP_PKEY_set1_DSA;
++		i2d_DSA_PUBKEY_fp;
++		X509_load_cert_crl_file;
++		ASN1_TIME_new;
++		i2d_RSA_PUBKEY;
++		X509_STORE_CTX_purpose_inherit;
++		PEM_read_RSA_PUBKEY;
++		d2i_X509_AUX;
++		i2d_DSA_PUBKEY;
++		X509_CERT_AUX_print;
++		PEM_read_DSA_PUBKEY;
++		i2d_RSA_PUBKEY_bio;
++		ASN1_BIT_STRING_num_asc;
++		i2d_PUBKEY;
++		ASN1_UTCTIME_free;
++		DSA_set_default_method;
++		X509_PURPOSE_get_by_id;
++		ACCESS_DESCRIPTION_free;
++		PEM_read_bio_PUBKEY;
++		ASN1_STRING_set_by_NID;
++		X509_PURPOSE_get_id;
++		DISPLAYTEXT_free;
++		OTHERNAME_new;
++		X509_CERT_AUX_new;
++		X509_TRUST_cleanup;
++		X509_NAME_add_entry_by_OBJ;
++		X509_CRL_get_ext_d2i;
++		X509_PURPOSE_get0_name;
++		PEM_read_PUBKEY;
++		i2d_DSA_PUBKEY_bio;
++		i2d_OTHERNAME;
++		ASN1_OCTET_STRING_free;
++		ASN1_BIT_STRING_set_asc;
++		X509_get_ex_new_index;
++		ASN1_STRING_TABLE_cleanup;
++		X509_TRUST_get_by_id;
++		X509_PURPOSE_get_trust;
++		ASN1_STRING_length;
++		d2i_ASN1_SET_OF_ACCESS_DESCRIPTION;
++		ASN1_PRINTABLESTRING_new;
++		X509V3_get_d2i;
++		ASN1_ENUMERATED_free;
++		i2d_X509_CERT_AUX;
++		X509_STORE_CTX_set_trust;
++		ASN1_STRING_set_default_mask;
++		X509_STORE_CTX_new;
++		EVP_PKEY_get1_RSA;
++		DIRECTORYSTRING_free;
++		PEM_write_X509_AUX;
++		ASN1_OCTET_STRING_set;
++		d2i_DSA_PUBKEY_fp;
++		d2i_RSA_PUBKEY;
++		X509_TRUST_get0_name;
++		X509_TRUST_get0;
++		AUTHORITY_INFO_ACCESS_free;
++		ASN1_IA5STRING_new;
++		d2i_DSA_PUBKEY;
++		X509_check_purpose;
++		ASN1_ENUMERATED_new;
++		d2i_RSA_PUBKEY_bio;
++		d2i_PUBKEY;
++		X509_TRUST_get_trust;
++		X509_TRUST_get_flags;
++		ASN1_BMPSTRING_free;
++		ASN1_T61STRING_new;
++		ASN1_UTCTIME_new;
++		i2d_AUTHORITY_INFO_ACCESS;
++		EVP_PKEY_set1_RSA;
++		X509_STORE_CTX_set_purpose;
++		ASN1_IA5STRING_free;
++		PEM_write_bio_X509_AUX;
++		X509_PURPOSE_get_count;
++		CRYPTO_add_info;
++		X509_NAME_ENTRY_create_by_txt;
++		ASN1_STRING_get_default_mask;
++		X509_alias_get0;
++		ASN1_STRING_data;
++		i2d_ACCESS_DESCRIPTION;
++		X509_trust_set_bit;
++		ASN1_BIT_STRING_free;
++		PEM_read_bio_RSA_PUBKEY;
++		X509_add1_reject_object;
++		X509_check_trust;
++		PEM_read_bio_DSA_PUBKEY;
++		X509_PURPOSE_add;
++		ASN1_STRING_TABLE_get;
++		ASN1_UTF8STRING_free;
++		d2i_DSA_PUBKEY_bio;
++		PEM_write_RSA_PUBKEY;
++		d2i_OTHERNAME;
++		X509_reject_set_bit;
++		PEM_write_DSA_PUBKEY;
++		X509_PURPOSE_get0_sname;
++		EVP_PKEY_set1_DH;
++		ASN1_OCTET_STRING_dup;
++		ASN1_BIT_STRING_set;
++		X509_TRUST_get_count;
++		ASN1_INTEGER_free;
++		OTHERNAME_free;
++		i2d_RSA_PUBKEY_fp;
++		ASN1_INTEGER_dup;
++		d2i_X509_CERT_AUX;
++		PEM_write_bio_PUBKEY;
++		ASN1_VISIBLESTRING_free;
++		X509_PURPOSE_cleanup;
++		ASN1_mbstring_ncopy;
++		ASN1_GENERALIZEDTIME_new;
++		EVP_PKEY_get1_DH;
++		ASN1_OCTET_STRING_new;
++		ASN1_INTEGER_new;
++		i2d_X509_AUX;
++		ASN1_BIT_STRING_name_print;
++		X509_cmp;
++		ASN1_STRING_length_set;
++		DIRECTORYSTRING_new;
++		X509_add1_trust_object;
++		PKCS12_newpass;
++		SMIME_write_PKCS7;
++		SMIME_read_PKCS7;
++		DES_set_key_checked;
++		PKCS7_verify;
++		PKCS7_encrypt;
++		DES_set_key_unchecked;
++		SMIME_crlf_copy;
++		i2d_ASN1_PRINTABLESTRING;
++		PKCS7_get0_signers;
++		PKCS7_decrypt;
++		SMIME_text;
++		PKCS7_simple_smimecap;
++		PKCS7_get_smimecap;
++		PKCS7_sign;
++		PKCS7_add_attrib_smimecap;
++		CRYPTO_dbg_set_options;
++		CRYPTO_remove_all_info;
++		CRYPTO_get_mem_debug_functions;
++		CRYPTO_is_mem_check_on;
++		CRYPTO_set_mem_debug_functions;
++		CRYPTO_pop_info;
++		CRYPTO_push_info_;
++		CRYPTO_set_mem_debug_options;
++		PEM_write_PKCS8PrivateKey_nid;
++		PEM_write_bio_PKCS8PrivateKey_nid;
++		PEM_write_bio_PKCS8PrivKey_nid;
++		d2i_PKCS8PrivateKey_bio;
++		ASN1_NULL_free;
++		d2i_ASN1_NULL;
++		ASN1_NULL_new;
++		i2d_PKCS8PrivateKey_bio;
++		i2d_PKCS8PrivateKey_fp;
++		i2d_ASN1_NULL;
++		i2d_PKCS8PrivateKey_nid_fp;
++		d2i_PKCS8PrivateKey_fp;
++		i2d_PKCS8PrivateKey_nid_bio;
++		i2d_PKCS8PrivateKeyInfo_fp;
++		i2d_PKCS8PrivateKeyInfo_bio;
++		PEM_cb;
++		i2d_PrivateKey_fp;
++		d2i_PrivateKey_bio;
++		d2i_PrivateKey_fp;
++		i2d_PrivateKey_bio;
++		X509_reject_clear;
++		X509_TRUST_set_default;
++		d2i_AutoPrivateKey;
++		X509_ATTRIBUTE_get0_type;
++		X509_ATTRIBUTE_set1_data;
++		X509at_get_attr;
++		X509at_get_attr_count;
++		X509_ATTRIBUTE_create_by_NID;
++		X509_ATTRIBUTE_set1_object;
++		X509_ATTRIBUTE_count;
++		X509_ATTRIBUTE_create_by_OBJ;
++		X509_ATTRIBUTE_get0_object;
++		X509at_get_attr_by_NID;
++		X509at_add1_attr;
++		X509_ATTRIBUTE_get0_data;
++		X509at_delete_attr;
++		X509at_get_attr_by_OBJ;
++		RAND_add;
++		BIO_number_written;
++		BIO_number_read;
++		X509_STORE_CTX_get1_chain;
++		ERR_load_RAND_strings;
++		RAND_pseudo_bytes;
++		X509_REQ_get_attr_by_NID;
++		X509_REQ_get_attr;
++		X509_REQ_add1_attr_by_NID;
++		X509_REQ_get_attr_by_OBJ;
++		X509at_add1_attr_by_NID;
++		X509_REQ_add1_attr_by_OBJ;
++		X509_REQ_get_attr_count;
++		X509_REQ_add1_attr;
++		X509_REQ_delete_attr;
++		X509at_add1_attr_by_OBJ;
++		X509_REQ_add1_attr_by_txt;
++		X509_ATTRIBUTE_create_by_txt;
++		X509at_add1_attr_by_txt;
++		BN_pseudo_rand;
++		BN_is_prime_fasttest;
++		BN_CTX_end;
++		BN_CTX_start;
++		BN_CTX_get;
++		EVP_PKEY2PKCS8_broken;
++		ASN1_STRING_TABLE_add;
++		CRYPTO_dbg_get_options;
++		AUTHORITY_INFO_ACCESS_new;
++		CRYPTO_get_mem_debug_options;
++		DES_crypt;
++		PEM_write_bio_X509_REQ_NEW;
++		PEM_write_X509_REQ_NEW;
++		BIO_callback_ctrl;
++		RAND_egd;
++		RAND_status;
++		bn_dump1;
++		DES_check_key_parity;
++		lh_num_items;
++		RAND_event;
++		DSO_new;
++		DSO_new_method;
++		DSO_free;
++		DSO_flags;
++		DSO_up;
++		DSO_set_default_method;
++		DSO_get_default_method;
++		DSO_get_method;
++		DSO_set_method;
++		DSO_load;
++		DSO_bind_var;
++		DSO_METHOD_null;
++		DSO_METHOD_openssl;
++		DSO_METHOD_dlfcn;
++		DSO_METHOD_win32;
++		ERR_load_DSO_strings;
++		DSO_METHOD_dl;
++		NCONF_load;
++		NCONF_load_fp;
++		NCONF_new;
++		NCONF_get_string;
++		NCONF_free;
++		NCONF_get_number;
++		CONF_dump_fp;
++		NCONF_load_bio;
++		NCONF_dump_fp;
++		NCONF_get_section;
++		NCONF_dump_bio;
++		CONF_dump_bio;
++		NCONF_free_data;
++		CONF_set_default_method;
++		ERR_error_string_n;
++		BIO_snprintf;
++		DSO_ctrl;
++		i2d_ASN1_SET_OF_ASN1_INTEGER;
++		i2d_ASN1_SET_OF_PKCS12_SAFEBAG;
++		i2d_ASN1_SET_OF_PKCS7;
++		BIO_vfree;
++		d2i_ASN1_SET_OF_ASN1_INTEGER;
++		d2i_ASN1_SET_OF_PKCS12_SAFEBAG;
++		ASN1_UTCTIME_get;
++		X509_REQ_digest;
++		X509_CRL_digest;
++		d2i_ASN1_SET_OF_PKCS7;
++		EVP_CIPHER_CTX_set_key_length;
++		EVP_CIPHER_CTX_ctrl;
++		BN_mod_exp_mont_word;
++		RAND_egd_bytes;
++		X509_REQ_get1_email;
++		X509_get1_email;
++		X509_email_free;
++		i2d_RSA_NET;
++		d2i_RSA_NET_2;
++		d2i_RSA_NET;
++		DSO_bind_func;
++		CRYPTO_get_new_dynlockid;
++		sk_new_null;
++		CRYPTO_set_dynlock_destroy_callback;
++		CRYPTO_set_dynlock_destroy_cb;
++		CRYPTO_destroy_dynlockid;
++		CRYPTO_set_dynlock_size;
++		CRYPTO_set_dynlock_create_callback;
++		CRYPTO_set_dynlock_create_cb;
++		CRYPTO_set_dynlock_lock_callback;
++		CRYPTO_set_dynlock_lock_cb;
++		CRYPTO_get_dynlock_lock_callback;
++		CRYPTO_get_dynlock_lock_cb;
++		CRYPTO_get_dynlock_destroy_callback;
++		CRYPTO_get_dynlock_destroy_cb;
++		CRYPTO_get_dynlock_value;
++		CRYPTO_get_dynlock_create_callback;
++		CRYPTO_get_dynlock_create_cb;
++		c2i_ASN1_BIT_STRING;
++		i2c_ASN1_BIT_STRING;
++		RAND_poll;
++		c2i_ASN1_INTEGER;
++		i2c_ASN1_INTEGER;
++		BIO_dump_indent;
++		ASN1_parse_dump;
++		c2i_ASN1_OBJECT;
++		X509_NAME_print_ex_fp;
++		ASN1_STRING_print_ex_fp;
++		X509_NAME_print_ex;
++		ASN1_STRING_print_ex;
++		MD4;
++		MD4_Transform;
++		MD4_Final;
++		MD4_Update;
++		MD4_Init;
++		EVP_md4;
++		i2d_PUBKEY_bio;
++		i2d_PUBKEY_fp;
++		d2i_PUBKEY_bio;
++		ASN1_STRING_to_UTF8;
++		BIO_vprintf;
++		BIO_vsnprintf;
++		d2i_PUBKEY_fp;
++		X509_cmp_time;
++		X509_STORE_CTX_set_time;
++		X509_STORE_CTX_get1_issuer;
++		X509_OBJECT_retrieve_match;
++		X509_OBJECT_idx_by_subject;
++		X509_STORE_CTX_set_flags;
++		X509_STORE_CTX_trusted_stack;
++		X509_time_adj;
++		X509_check_issued;
++		ASN1_UTCTIME_cmp_time_t;
++		DES_set_weak_key_flag;
++		DES_check_key;
++		DES_rw_mode;
++		RSA_PKCS1_RSAref;
++		X509_keyid_set1;
++		BIO_next;
++		DSO_METHOD_vms;
++		BIO_f_linebuffer;
++		BN_bntest_rand;
++		OPENSSL_issetugid;
++		BN_rand_range;
++		ERR_load_ENGINE_strings;
++		ENGINE_set_DSA;
++		ENGINE_get_finish_function;
++		ENGINE_get_default_RSA;
++		ENGINE_get_BN_mod_exp;
++		DSA_get_default_openssl_method;
++		ENGINE_set_DH;
++		ENGINE_set_def_BN_mod_exp_crt;
++		ENGINE_set_default_BN_mod_exp_crt;
++		ENGINE_init;
++		DH_get_default_openssl_method;
++		RSA_set_default_openssl_method;
++		ENGINE_finish;
++		ENGINE_load_public_key;
++		ENGINE_get_DH;
++		ENGINE_ctrl;
++		ENGINE_get_init_function;
++		ENGINE_set_init_function;
++		ENGINE_set_default_DSA;
++		ENGINE_get_name;
++		ENGINE_get_last;
++		ENGINE_get_prev;
++		ENGINE_get_default_DH;
++		ENGINE_get_RSA;
++		ENGINE_set_default;
++		ENGINE_get_RAND;
++		ENGINE_get_first;
++		ENGINE_by_id;
++		ENGINE_set_finish_function;
++		ENGINE_get_def_BN_mod_exp_crt;
++		ENGINE_get_default_BN_mod_exp_crt;
++		RSA_get_default_openssl_method;
++		ENGINE_set_RSA;
++		ENGINE_load_private_key;
++		ENGINE_set_default_RAND;
++		ENGINE_set_BN_mod_exp;
++		ENGINE_remove;
++		ENGINE_free;
++		ENGINE_get_BN_mod_exp_crt;
++		ENGINE_get_next;
++		ENGINE_set_name;
++		ENGINE_get_default_DSA;
++		ENGINE_set_default_BN_mod_exp;
++		ENGINE_set_default_RSA;
++		ENGINE_get_default_RAND;
++		ENGINE_get_default_BN_mod_exp;
++		ENGINE_set_RAND;
++		ENGINE_set_id;
++		ENGINE_set_BN_mod_exp_crt;
++		ENGINE_set_default_DH;
++		ENGINE_new;
++		ENGINE_get_id;
++		DSA_set_default_openssl_method;
++		ENGINE_add;
++		DH_set_default_openssl_method;
++		ENGINE_get_DSA;
++		ENGINE_get_ctrl_function;
++		ENGINE_set_ctrl_function;
++		BN_pseudo_rand_range;
++		X509_STORE_CTX_set_verify_cb;
++		ERR_load_COMP_strings;
++		PKCS12_item_decrypt_d2i;
++		ASN1_UTF8STRING_it;
++		ENGINE_unregister_ciphers;
++		ENGINE_get_ciphers;
++		d2i_OCSP_BASICRESP;
++		KRB5_CHECKSUM_it;
++		EC_POINT_add;
++		ASN1_item_ex_i2d;
++		OCSP_CERTID_it;
++		d2i_OCSP_RESPBYTES;
++		X509V3_add1_i2d;
++		PKCS7_ENVELOPE_it;
++		UI_add_input_boolean;
++		ENGINE_unregister_RSA;
++		X509V3_EXT_nconf;
++		ASN1_GENERALSTRING_free;
++		d2i_OCSP_CERTSTATUS;
++		X509_REVOKED_set_serialNumber;
++		X509_print_ex;
++		OCSP_ONEREQ_get1_ext_d2i;
++		ENGINE_register_all_RAND;
++		ENGINE_load_dynamic;
++		PBKDF2PARAM_it;
++		EXTENDED_KEY_USAGE_new;
++		EC_GROUP_clear_free;
++		OCSP_sendreq_bio;
++		ASN1_item_digest;
++		OCSP_BASICRESP_delete_ext;
++		OCSP_SIGNATURE_it;
++		X509_CRL_it;
++		OCSP_BASICRESP_add_ext;
++		KRB5_ENCKEY_it;
++		UI_method_set_closer;
++		X509_STORE_set_purpose;
++		i2d_ASN1_GENERALSTRING;
++		OCSP_response_status;
++		i2d_OCSP_SERVICELOC;
++		ENGINE_get_digest_engine;
++		EC_GROUP_set_curve_GFp;
++		OCSP_REQUEST_get_ext_by_OBJ;
++		_ossl_old_des_random_key;
++		ASN1_T61STRING_it;
++		EC_GROUP_method_of;
++		i2d_KRB5_APREQ;
++		_ossl_old_des_encrypt;
++		ASN1_PRINTABLE_new;
++		HMAC_Init_ex;
++		d2i_KRB5_AUTHENT;
++		OCSP_archive_cutoff_new;
++		EC_POINT_set_Jprojective_coordinates_GFp;
++		EC_POINT_set_Jproj_coords_GFp;
++		_ossl_old_des_is_weak_key;
++		OCSP_BASICRESP_get_ext_by_OBJ;
++		EC_POINT_oct2point;
++		OCSP_SINGLERESP_get_ext_count;
++		UI_ctrl;
++		_shadow_DES_rw_mode;
++		asn1_do_adb;
++		ASN1_template_i2d;
++		ENGINE_register_DH;
++		UI_construct_prompt;
++		X509_STORE_set_trust;
++		UI_dup_input_string;
++		d2i_KRB5_APREQ;
++		EVP_MD_CTX_copy_ex;
++		OCSP_request_is_signed;
++		i2d_OCSP_REQINFO;
++		KRB5_ENCKEY_free;
++		OCSP_resp_get0;
++		GENERAL_NAME_it;
++		ASN1_GENERALIZEDTIME_it;
++		X509_STORE_set_flags;
++		EC_POINT_set_compressed_coordinates_GFp;
++		EC_POINT_set_compr_coords_GFp;
++		OCSP_response_status_str;
++		d2i_OCSP_REVOKEDINFO;
++		OCSP_basic_add1_cert;
++		ERR_get_implementation;
++		EVP_CipherFinal_ex;
++		OCSP_CERTSTATUS_new;
++		CRYPTO_cleanup_all_ex_data;
++		OCSP_resp_find;
++		BN_nnmod;
++		X509_CRL_sort;
++		X509_REVOKED_set_revocationDate;
++		ENGINE_register_RAND;
++		OCSP_SERVICELOC_new;
++		EC_POINT_set_affine_coordinates_GFp;
++		EC_POINT_set_affine_coords_GFp;
++		_ossl_old_des_options;
++		SXNET_it;
++		UI_dup_input_boolean;
++		PKCS12_add_CSPName_asc;
++		EC_POINT_is_at_infinity;
++		ENGINE_load_cryptodev;
++		DSO_convert_filename;
++		POLICYQUALINFO_it;
++		ENGINE_register_ciphers;
++		BN_mod_lshift_quick;
++		DSO_set_filename;
++		ASN1_item_free;
++		KRB5_TKTBODY_free;
++		AUTHORITY_KEYID_it;
++		KRB5_APREQBODY_new;
++		X509V3_EXT_REQ_add_nconf;
++		ENGINE_ctrl_cmd_string;
++		i2d_OCSP_RESPDATA;
++		EVP_MD_CTX_init;
++		EXTENDED_KEY_USAGE_free;
++		PKCS7_ATTR_SIGN_it;
++		UI_add_error_string;
++		KRB5_CHECKSUM_free;
++		OCSP_REQUEST_get_ext;
++		ENGINE_load_ubsec;
++		ENGINE_register_all_digests;
++		PKEY_USAGE_PERIOD_it;
++		PKCS12_unpack_authsafes;
++		ASN1_item_unpack;
++		NETSCAPE_SPKAC_it;
++		X509_REVOKED_it;
++		ASN1_STRING_encode;
++		EVP_aes_128_ecb;
++		KRB5_AUTHENT_free;
++		OCSP_BASICRESP_get_ext_by_critical;
++		OCSP_BASICRESP_get_ext_by_crit;
++		OCSP_cert_status_str;
++		d2i_OCSP_REQUEST;
++		UI_dup_info_string;
++		_ossl_old_des_xwhite_in2out;
++		PKCS12_it;
++		OCSP_SINGLERESP_get_ext_by_critical;
++		OCSP_SINGLERESP_get_ext_by_crit;
++		OCSP_CERTSTATUS_free;
++		_ossl_old_des_crypt;
++		ASN1_item_i2d;
++		EVP_DecryptFinal_ex;
++		ENGINE_load_openssl;
++		ENGINE_get_cmd_defns;
++		ENGINE_set_load_privkey_function;
++		ENGINE_set_load_privkey_fn;
++		EVP_EncryptFinal_ex;
++		ENGINE_set_default_digests;
++		X509_get0_pubkey_bitstr;
++		asn1_ex_i2c;
++		ENGINE_register_RSA;
++		ENGINE_unregister_DSA;
++		_ossl_old_des_key_sched;
++		X509_EXTENSION_it;
++		i2d_KRB5_AUTHENT;
++		SXNETID_it;
++		d2i_OCSP_SINGLERESP;
++		EDIPARTYNAME_new;
++		PKCS12_certbag2x509;
++		_ossl_old_des_ofb64_encrypt;
++		d2i_EXTENDED_KEY_USAGE;
++		ERR_print_errors_cb;
++		ENGINE_set_ciphers;
++		d2i_KRB5_APREQBODY;
++		UI_method_get_flusher;
++		X509_PUBKEY_it;
++		_ossl_old_des_enc_read;
++		PKCS7_ENCRYPT_it;
++		i2d_OCSP_RESPONSE;
++		EC_GROUP_get_cofactor;
++		PKCS12_unpack_p7data;
++		d2i_KRB5_AUTHDATA;
++		OCSP_copy_nonce;
++		KRB5_AUTHDATA_new;
++		OCSP_RESPDATA_new;
++		EC_GFp_mont_method;
++		OCSP_REVOKEDINFO_free;
++		UI_get_ex_data;
++		KRB5_APREQBODY_free;
++		EC_GROUP_get0_generator;
++		UI_get_default_method;
++		X509V3_set_nconf;
++		PKCS12_item_i2d_encrypt;
++		X509_add1_ext_i2d;
++		PKCS7_SIGNER_INFO_it;
++		KRB5_PRINCNAME_new;
++		PKCS12_SAFEBAG_it;
++		EC_GROUP_get_order;
++		d2i_OCSP_RESPID;
++		OCSP_request_verify;
++		NCONF_get_number_e;
++		_ossl_old_des_decrypt3;
++		X509_signature_print;
++		OCSP_SINGLERESP_free;
++		ENGINE_load_builtin_engines;
++		i2d_OCSP_ONEREQ;
++		OCSP_REQUEST_add_ext;
++		OCSP_RESPBYTES_new;
++		EVP_MD_CTX_create;
++		OCSP_resp_find_status;
++		X509_ALGOR_it;
++		ASN1_TIME_it;
++		OCSP_request_set1_name;
++		OCSP_ONEREQ_get_ext_count;
++		UI_get0_result;
++		PKCS12_AUTHSAFES_it;
++		EVP_aes_256_ecb;
++		PKCS12_pack_authsafes;
++		ASN1_IA5STRING_it;
++		UI_get_input_flags;
++		EC_GROUP_set_generator;
++		_ossl_old_des_string_to_2keys;
++		OCSP_CERTID_free;
++		X509_CERT_AUX_it;
++		CERTIFICATEPOLICIES_it;
++		_ossl_old_des_ede3_cbc_encrypt;
++		RAND_set_rand_engine;
++		DSO_get_loaded_filename;
++		X509_ATTRIBUTE_it;
++		OCSP_ONEREQ_get_ext_by_NID;
++		PKCS12_decrypt_skey;
++		KRB5_AUTHENT_it;
++		UI_dup_error_string;
++		RSAPublicKey_it;
++		i2d_OCSP_REQUEST;
++		PKCS12_x509crl2certbag;
++		OCSP_SERVICELOC_it;
++		ASN1_item_sign;
++		X509_CRL_set_issuer_name;
++		OBJ_NAME_do_all_sorted;
++		i2d_OCSP_BASICRESP;
++		i2d_OCSP_RESPBYTES;
++		PKCS12_unpack_p7encdata;
++		HMAC_CTX_init;
++		ENGINE_get_digest;
++		OCSP_RESPONSE_print;
++		KRB5_TKTBODY_it;
++		ACCESS_DESCRIPTION_it;
++		PKCS7_ISSUER_AND_SERIAL_it;
++		PBE2PARAM_it;
++		PKCS12_certbag2x509crl;
++		PKCS7_SIGNED_it;
++		ENGINE_get_cipher;
++		i2d_OCSP_CRLID;
++		OCSP_SINGLERESP_new;
++		ENGINE_cmd_is_executable;
++		RSA_up_ref;
++		ASN1_GENERALSTRING_it;
++		ENGINE_register_DSA;
++		X509V3_EXT_add_nconf_sk;
++		ENGINE_set_load_pubkey_function;
++		PKCS8_decrypt;
++		PEM_bytes_read_bio;
++		DIRECTORYSTRING_it;
++		d2i_OCSP_CRLID;
++		EC_POINT_is_on_curve;
++		CRYPTO_set_locked_mem_ex_functions;
++		CRYPTO_set_locked_mem_ex_funcs;
++		d2i_KRB5_CHECKSUM;
++		ASN1_item_dup;
++		X509_it;
++		BN_mod_add;
++		KRB5_AUTHDATA_free;
++		_ossl_old_des_cbc_cksum;
++		ASN1_item_verify;
++		CRYPTO_set_mem_ex_functions;
++		EC_POINT_get_Jprojective_coordinates_GFp;
++		EC_POINT_get_Jproj_coords_GFp;
++		ZLONG_it;
++		CRYPTO_get_locked_mem_ex_functions;
++		CRYPTO_get_locked_mem_ex_funcs;
++		ASN1_TIME_check;
++		UI_get0_user_data;
++		HMAC_CTX_cleanup;
++		DSA_up_ref;
++		_ossl_old_des_ede3_cfb64_encrypt;
++		_ossl_odes_ede3_cfb64_encrypt;
++		ASN1_BMPSTRING_it;
++		ASN1_tag2bit;
++		UI_method_set_flusher;
++		X509_ocspid_print;
++		KRB5_ENCDATA_it;
++		ENGINE_get_load_pubkey_function;
++		UI_add_user_data;
++		OCSP_REQUEST_delete_ext;
++		UI_get_method;
++		OCSP_ONEREQ_free;
++		ASN1_PRINTABLESTRING_it;
++		X509_CRL_set_nextUpdate;
++		OCSP_REQUEST_it;
++		OCSP_BASICRESP_it;
++		AES_ecb_encrypt;
++		BN_mod_sqr;
++		NETSCAPE_CERT_SEQUENCE_it;
++		GENERAL_NAMES_it;
++		AUTHORITY_INFO_ACCESS_it;
++		ASN1_FBOOLEAN_it;
++		UI_set_ex_data;
++		_ossl_old_des_string_to_key;
++		ENGINE_register_all_RSA;
++		d2i_KRB5_PRINCNAME;
++		OCSP_RESPBYTES_it;
++		X509_CINF_it;
++		ENGINE_unregister_digests;
++		d2i_EDIPARTYNAME;
++		d2i_OCSP_SERVICELOC;
++		ENGINE_get_digests;
++		_ossl_old_des_set_odd_parity;
++		OCSP_RESPDATA_free;
++		d2i_KRB5_TICKET;
++		OTHERNAME_it;
++		EVP_MD_CTX_cleanup;
++		d2i_ASN1_GENERALSTRING;
++		X509_CRL_set_version;
++		BN_mod_sub;
++		OCSP_SINGLERESP_get_ext_by_NID;
++		ENGINE_get_ex_new_index;
++		OCSP_REQUEST_free;
++		OCSP_REQUEST_add1_ext_i2d;
++		X509_VAL_it;
++		EC_POINTs_make_affine;
++		EC_POINT_mul;
++		X509V3_EXT_add_nconf;
++		X509_TRUST_set;
++		X509_CRL_add1_ext_i2d;
++		_ossl_old_des_fcrypt;
++		DISPLAYTEXT_it;
++		X509_CRL_set_lastUpdate;
++		OCSP_BASICRESP_free;
++		OCSP_BASICRESP_add1_ext_i2d;
++		d2i_KRB5_AUTHENTBODY;
++		CRYPTO_set_ex_data_implementation;
++		CRYPTO_set_ex_data_impl;
++		KRB5_ENCDATA_new;
++		DSO_up_ref;
++		OCSP_crl_reason_str;
++		UI_get0_result_string;
++		ASN1_GENERALSTRING_new;
++		X509_SIG_it;
++		ERR_set_implementation;
++		ERR_load_EC_strings;
++		UI_get0_action_string;
++		OCSP_ONEREQ_get_ext;
++		EC_POINT_method_of;
++		i2d_KRB5_APREQBODY;
++		_ossl_old_des_ecb3_encrypt;
++		CRYPTO_get_mem_ex_functions;
++		ENGINE_get_ex_data;
++		UI_destroy_method;
++		ASN1_item_i2d_bio;
++		OCSP_ONEREQ_get_ext_by_OBJ;
++		ASN1_primitive_new;
++		ASN1_PRINTABLE_it;
++		EVP_aes_192_ecb;
++		OCSP_SIGNATURE_new;
++		LONG_it;
++		ASN1_VISIBLESTRING_it;
++		OCSP_SINGLERESP_add1_ext_i2d;
++		d2i_OCSP_CERTID;
++		ASN1_item_d2i_fp;
++		CRL_DIST_POINTS_it;
++		GENERAL_NAME_print;
++		OCSP_SINGLERESP_delete_ext;
++		PKCS12_SAFEBAGS_it;
++		d2i_OCSP_SIGNATURE;
++		OCSP_request_add1_nonce;
++		ENGINE_set_cmd_defns;
++		OCSP_SERVICELOC_free;
++		EC_GROUP_free;
++		ASN1_BIT_STRING_it;
++		X509_REQ_it;
++		_ossl_old_des_cbc_encrypt;
++		ERR_unload_strings;
++		PKCS7_SIGN_ENVELOPE_it;
++		EDIPARTYNAME_free;
++		OCSP_REQINFO_free;
++		EC_GROUP_new_curve_GFp;
++		OCSP_REQUEST_get1_ext_d2i;
++		PKCS12_item_pack_safebag;
++		asn1_ex_c2i;
++		ENGINE_register_digests;
++		i2d_OCSP_REVOKEDINFO;
++		asn1_enc_restore;
++		UI_free;
++		UI_new_method;
++		EVP_EncryptInit_ex;
++		X509_pubkey_digest;
++		EC_POINT_invert;
++		OCSP_basic_sign;
++		i2d_OCSP_RESPID;
++		OCSP_check_nonce;
++		ENGINE_ctrl_cmd;
++		d2i_KRB5_ENCKEY;
++		OCSP_parse_url;
++		OCSP_SINGLERESP_get_ext;
++		OCSP_CRLID_free;
++		OCSP_BASICRESP_get1_ext_d2i;
++		RSAPrivateKey_it;
++		ENGINE_register_all_DH;
++		i2d_EDIPARTYNAME;
++		EC_POINT_get_affine_coordinates_GFp;
++		EC_POINT_get_affine_coords_GFp;
++		OCSP_CRLID_new;
++		ENGINE_get_flags;
++		OCSP_ONEREQ_it;
++		UI_process;
++		ASN1_INTEGER_it;
++		EVP_CipherInit_ex;
++		UI_get_string_type;
++		ENGINE_unregister_DH;
++		ENGINE_register_all_DSA;
++		OCSP_ONEREQ_get_ext_by_critical;
++		bn_dup_expand;
++		OCSP_cert_id_new;
++		BASIC_CONSTRAINTS_it;
++		BN_mod_add_quick;
++		EC_POINT_new;
++		EVP_MD_CTX_destroy;
++		OCSP_RESPBYTES_free;
++		EVP_aes_128_cbc;
++		OCSP_SINGLERESP_get1_ext_d2i;
++		EC_POINT_free;
++		DH_up_ref;
++		X509_NAME_ENTRY_it;
++		UI_get_ex_new_index;
++		BN_mod_sub_quick;
++		OCSP_ONEREQ_add_ext;
++		OCSP_request_sign;
++		EVP_DigestFinal_ex;
++		ENGINE_set_digests;
++		OCSP_id_issuer_cmp;
++		OBJ_NAME_do_all;
++		EC_POINTs_mul;
++		ENGINE_register_complete;
++		X509V3_EXT_nconf_nid;
++		ASN1_SEQUENCE_it;
++		UI_set_default_method;
++		RAND_query_egd_bytes;
++		UI_method_get_writer;
++		UI_OpenSSL;
++		PEM_def_callback;
++		ENGINE_cleanup;
++		DIST_POINT_it;
++		OCSP_SINGLERESP_it;
++		d2i_KRB5_TKTBODY;
++		EC_POINT_cmp;
++		OCSP_REVOKEDINFO_new;
++		i2d_OCSP_CERTSTATUS;
++		OCSP_basic_add1_nonce;
++		ASN1_item_ex_d2i;
++		BN_mod_lshift1_quick;
++		UI_set_method;
++		OCSP_id_get0_info;
++		BN_mod_sqrt;
++		EC_GROUP_copy;
++		KRB5_ENCDATA_free;
++		_ossl_old_des_cfb_encrypt;
++		OCSP_SINGLERESP_get_ext_by_OBJ;
++		OCSP_cert_to_id;
++		OCSP_RESPID_new;
++		OCSP_RESPDATA_it;
++		d2i_OCSP_RESPDATA;
++		ENGINE_register_all_complete;
++		OCSP_check_validity;
++		PKCS12_BAGS_it;
++		OCSP_url_svcloc_new;
++		ASN1_template_free;
++		OCSP_SINGLERESP_add_ext;
++		KRB5_AUTHENTBODY_it;
++		X509_supported_extension;
++		i2d_KRB5_AUTHDATA;
++		UI_method_get_opener;
++		ENGINE_set_ex_data;
++		OCSP_REQUEST_print;
++		CBIGNUM_it;
++		KRB5_TICKET_new;
++		KRB5_APREQ_new;
++		EC_GROUP_get_curve_GFp;
++		KRB5_ENCKEY_new;
++		ASN1_template_d2i;
++		_ossl_old_des_quad_cksum;
++		OCSP_single_get0_status;
++		BN_swap;
++		POLICYINFO_it;
++		ENGINE_set_destroy_function;
++		asn1_enc_free;
++		OCSP_RESPID_it;
++		EC_GROUP_new;
++		EVP_aes_256_cbc;
++		i2d_KRB5_PRINCNAME;
++		_ossl_old_des_encrypt2;
++		_ossl_old_des_encrypt3;
++		PKCS8_PRIV_KEY_INFO_it;
++		OCSP_REQINFO_it;
++		PBEPARAM_it;
++		KRB5_AUTHENTBODY_new;
++		X509_CRL_add0_revoked;
++		EDIPARTYNAME_it;
++		NETSCAPE_SPKI_it;
++		UI_get0_test_string;
++		ENGINE_get_cipher_engine;
++		ENGINE_register_all_ciphers;
++		EC_POINT_copy;
++		BN_kronecker;
++		_ossl_old_des_ede3_ofb64_encrypt;
++		_ossl_odes_ede3_ofb64_encrypt;
++		UI_method_get_reader;
++		OCSP_BASICRESP_get_ext_count;
++		ASN1_ENUMERATED_it;
++		UI_set_result;
++		i2d_KRB5_TICKET;
++		X509_print_ex_fp;
++		EVP_CIPHER_CTX_set_padding;
++		d2i_OCSP_RESPONSE;
++		ASN1_UTCTIME_it;
++		_ossl_old_des_enc_write;
++		OCSP_RESPONSE_new;
++		AES_set_encrypt_key;
++		OCSP_resp_count;
++		KRB5_CHECKSUM_new;
++		ENGINE_load_cswift;
++		OCSP_onereq_get0_id;
++		ENGINE_set_default_ciphers;
++		NOTICEREF_it;
++		X509V3_EXT_CRL_add_nconf;
++		OCSP_REVOKEDINFO_it;
++		AES_encrypt;
++		OCSP_REQUEST_new;
++		ASN1_ANY_it;
++		CRYPTO_ex_data_new_class;
++		_ossl_old_des_ncbc_encrypt;
++		i2d_KRB5_TKTBODY;
++		EC_POINT_clear_free;
++		AES_decrypt;
++		asn1_enc_init;
++		UI_get_result_maxsize;
++		OCSP_CERTID_new;
++		ENGINE_unregister_RAND;
++		UI_method_get_closer;
++		d2i_KRB5_ENCDATA;
++		OCSP_request_onereq_count;
++		OCSP_basic_verify;
++		KRB5_AUTHENTBODY_free;
++		ASN1_item_d2i;
++		ASN1_primitive_free;
++		i2d_EXTENDED_KEY_USAGE;
++		i2d_OCSP_SIGNATURE;
++		asn1_enc_save;
++		ENGINE_load_nuron;
++		_ossl_old_des_pcbc_encrypt;
++		PKCS12_MAC_DATA_it;
++		OCSP_accept_responses_new;
++		asn1_do_lock;
++		PKCS7_ATTR_VERIFY_it;
++		KRB5_APREQBODY_it;
++		i2d_OCSP_SINGLERESP;
++		ASN1_item_ex_new;
++		UI_add_verify_string;
++		_ossl_old_des_set_key;
++		KRB5_PRINCNAME_it;
++		EVP_DecryptInit_ex;
++		i2d_OCSP_CERTID;
++		ASN1_item_d2i_bio;
++		EC_POINT_dbl;
++		asn1_get_choice_selector;
++		i2d_KRB5_CHECKSUM;
++		ENGINE_set_table_flags;
++		AES_options;
++		ENGINE_load_chil;
++		OCSP_id_cmp;
++		OCSP_BASICRESP_new;
++		OCSP_REQUEST_get_ext_by_NID;
++		KRB5_APREQ_it;
++		ENGINE_get_destroy_function;
++		CONF_set_nconf;
++		ASN1_PRINTABLE_free;
++		OCSP_BASICRESP_get_ext_by_NID;
++		DIST_POINT_NAME_it;
++		X509V3_extensions_print;
++		_ossl_old_des_cfb64_encrypt;
++		X509_REVOKED_add1_ext_i2d;
++		_ossl_old_des_ofb_encrypt;
++		KRB5_TKTBODY_new;
++		ASN1_OCTET_STRING_it;
++		ERR_load_UI_strings;
++		i2d_KRB5_ENCKEY;
++		ASN1_template_new;
++		OCSP_SIGNATURE_free;
++		ASN1_item_i2d_fp;
++		KRB5_PRINCNAME_free;
++		PKCS7_RECIP_INFO_it;
++		EXTENDED_KEY_USAGE_it;
++		EC_GFp_simple_method;
++		EC_GROUP_precompute_mult;
++		OCSP_request_onereq_get0;
++		UI_method_set_writer;
++		KRB5_AUTHENT_new;
++		X509_CRL_INFO_it;
++		DSO_set_name_converter;
++		AES_set_decrypt_key;
++		PKCS7_DIGEST_it;
++		PKCS12_x5092certbag;
++		EVP_DigestInit_ex;
++		i2a_ACCESS_DESCRIPTION;
++		OCSP_RESPONSE_it;
++		PKCS7_ENC_CONTENT_it;
++		OCSP_request_add0_id;
++		EC_POINT_make_affine;
++		DSO_get_filename;
++		OCSP_CERTSTATUS_it;
++		OCSP_request_add1_cert;
++		UI_get0_output_string;
++		UI_dup_verify_string;
++		BN_mod_lshift;
++		KRB5_AUTHDATA_it;
++		asn1_set_choice_selector;
++		OCSP_basic_add1_status;
++		OCSP_RESPID_free;
++		asn1_get_field_ptr;
++		UI_add_input_string;
++		OCSP_CRLID_it;
++		i2d_KRB5_AUTHENTBODY;
++		OCSP_REQUEST_get_ext_count;
++		ENGINE_load_atalla;
++		X509_NAME_it;
++		USERNOTICE_it;
++		OCSP_REQINFO_new;
++		OCSP_BASICRESP_get_ext;
++		CRYPTO_get_ex_data_implementation;
++		CRYPTO_get_ex_data_impl;
++		ASN1_item_pack;
++		i2d_KRB5_ENCDATA;
++		X509_PURPOSE_set;
++		X509_REQ_INFO_it;
++		UI_method_set_opener;
++		ASN1_item_ex_free;
++		ASN1_BOOLEAN_it;
++		ENGINE_get_table_flags;
++		UI_create_method;
++		OCSP_ONEREQ_add1_ext_i2d;
++		_shadow_DES_check_key;
++		d2i_OCSP_REQINFO;
++		UI_add_info_string;
++		UI_get_result_minsize;
++		ASN1_NULL_it;
++		BN_mod_lshift1;
++		d2i_OCSP_ONEREQ;
++		OCSP_ONEREQ_new;
++		KRB5_TICKET_it;
++		EVP_aes_192_cbc;
++		KRB5_TICKET_free;
++		UI_new;
++		OCSP_response_create;
++		_ossl_old_des_xcbc_encrypt;
++		PKCS7_it;
++		OCSP_REQUEST_get_ext_by_critical;
++		OCSP_REQUEST_get_ext_by_crit;
++		ENGINE_set_flags;
++		_ossl_old_des_ecb_encrypt;
++		OCSP_response_get1_basic;
++		EVP_Digest;
++		OCSP_ONEREQ_delete_ext;
++		ASN1_TBOOLEAN_it;
++		ASN1_item_new;
++		ASN1_TIME_to_generalizedtime;
++		BIGNUM_it;
++		AES_cbc_encrypt;
++		ENGINE_get_load_privkey_function;
++		ENGINE_get_load_privkey_fn;
++		OCSP_RESPONSE_free;
++		UI_method_set_reader;
++		i2d_ASN1_T61STRING;
++		EC_POINT_set_to_infinity;
++		ERR_load_OCSP_strings;
++		EC_POINT_point2oct;
++		KRB5_APREQ_free;
++		ASN1_OBJECT_it;
++		OCSP_crlID_new;
++		OCSP_crlID2_new;
++		CONF_modules_load_file;
++		CONF_imodule_set_usr_data;
++		ENGINE_set_default_string;
++		CONF_module_get_usr_data;
++		ASN1_add_oid_module;
++		CONF_modules_finish;
++		OPENSSL_config;
++		CONF_modules_unload;
++		CONF_imodule_get_value;
++		CONF_module_set_usr_data;
++		CONF_parse_list;
++		CONF_module_add;
++		CONF_get1_default_config_file;
++		CONF_imodule_get_flags;
++		CONF_imodule_get_module;
++		CONF_modules_load;
++		CONF_imodule_get_name;
++		ERR_peek_top_error;
++		CONF_imodule_get_usr_data;
++		CONF_imodule_set_flags;
++		ENGINE_add_conf_module;
++		ERR_peek_last_error_line;
++		ERR_peek_last_error_line_data;
++		ERR_peek_last_error;
++		DES_read_2passwords;
++		DES_read_password;
++		UI_UTIL_read_pw;
++		UI_UTIL_read_pw_string;
++		ENGINE_load_aep;
++		ENGINE_load_sureware;
++		OPENSSL_add_all_algorithms_noconf;
++		OPENSSL_add_all_algo_noconf;
++		OPENSSL_add_all_algorithms_conf;
++		OPENSSL_add_all_algo_conf;
++		OPENSSL_load_builtin_modules;
++		AES_ofb128_encrypt;
++		AES_ctr128_encrypt;
++		AES_cfb128_encrypt;
++		ENGINE_load_4758cca;
++		_ossl_096_des_random_seed;
++		EVP_aes_256_ofb;
++		EVP_aes_192_ofb;
++		EVP_aes_128_cfb128;
++		EVP_aes_256_cfb128;
++		EVP_aes_128_ofb;
++		EVP_aes_192_cfb128;
++		CONF_modules_free;
++		NCONF_default;
++		OPENSSL_no_config;
++		NCONF_WIN32;
++		ASN1_UNIVERSALSTRING_new;
++		EVP_des_ede_ecb;
++		i2d_ASN1_UNIVERSALSTRING;
++		ASN1_UNIVERSALSTRING_free;
++		ASN1_UNIVERSALSTRING_it;
++		d2i_ASN1_UNIVERSALSTRING;
++		EVP_des_ede3_ecb;
++		X509_REQ_print_ex;
++		ENGINE_up_ref;
++		BUF_MEM_grow_clean;
++		CRYPTO_realloc_clean;
++		BUF_strlcat;
++		BIO_indent;
++		BUF_strlcpy;
++		OpenSSLDie;
++		OPENSSL_cleanse;
++		ENGINE_setup_bsd_cryptodev;
++		ERR_release_err_state_table;
++		EVP_aes_128_cfb8;
++		FIPS_corrupt_rsa;
++		FIPS_selftest_des;
++		EVP_aes_128_cfb1;
++		EVP_aes_192_cfb8;
++		FIPS_mode_set;
++		FIPS_selftest_dsa;
++		EVP_aes_256_cfb8;
++		FIPS_allow_md5;
++		DES_ede3_cfb_encrypt;
++		EVP_des_ede3_cfb8;
++		FIPS_rand_seeded;
++		AES_cfbr_encrypt_block;
++		AES_cfb8_encrypt;
++		FIPS_rand_seed;
++		FIPS_corrupt_des;
++		EVP_aes_192_cfb1;
++		FIPS_selftest_aes;
++		FIPS_set_prng_key;
++		EVP_des_cfb8;
++		FIPS_corrupt_dsa;
++		FIPS_test_mode;
++		FIPS_rand_method;
++		EVP_aes_256_cfb1;
++		ERR_load_FIPS_strings;
++		FIPS_corrupt_aes;
++		FIPS_selftest_sha1;
++		FIPS_selftest_rsa;
++		FIPS_corrupt_sha1;
++		EVP_des_cfb1;
++		FIPS_dsa_check;
++		AES_cfb1_encrypt;
++		EVP_des_ede3_cfb1;
++		FIPS_rand_check;
++		FIPS_md5_allowed;
++		FIPS_mode;
++		FIPS_selftest_failed;
++		sk_is_sorted;
++		X509_check_ca;
++		HMAC_CTX_set_flags;
++		d2i_PROXY_CERT_INFO_EXTENSION;
++		PROXY_POLICY_it;
++		i2d_PROXY_POLICY;
++		i2d_PROXY_CERT_INFO_EXTENSION;
++		d2i_PROXY_POLICY;
++		PROXY_CERT_INFO_EXTENSION_new;
++		PROXY_CERT_INFO_EXTENSION_free;
++		PROXY_CERT_INFO_EXTENSION_it;
++		PROXY_POLICY_free;
++		PROXY_POLICY_new;
++		BN_MONT_CTX_set_locked;
++		FIPS_selftest_rng;
++		EVP_sha384;
++		EVP_sha512;
++		EVP_sha224;
++		EVP_sha256;
++		FIPS_selftest_hmac;
++		FIPS_corrupt_rng;
++		BN_mod_exp_mont_consttime;
++		RSA_X931_hash_id;
++		RSA_padding_check_X931;
++		RSA_verify_PKCS1_PSS;
++		RSA_padding_add_X931;
++		RSA_padding_add_PKCS1_PSS;
++		PKCS1_MGF1;
++		BN_X931_generate_Xpq;
++		RSA_X931_generate_key;
++		BN_X931_derive_prime;
++		BN_X931_generate_prime;
++		RSA_X931_derive;
++		BIO_new_dgram;
++		BN_get0_nist_prime_384;
++		ERR_set_mark;
++		X509_STORE_CTX_set0_crls;
++		ENGINE_set_STORE;
++		ENGINE_register_ECDSA;
++		STORE_meth_set_list_start_fn;
++		STORE_method_set_list_start_function;
++		BN_BLINDING_invert_ex;
++		NAME_CONSTRAINTS_free;
++		STORE_ATTR_INFO_set_number;
++		BN_BLINDING_get_thread_id;
++		X509_STORE_CTX_set0_param;
++		POLICY_MAPPING_it;
++		STORE_parse_attrs_start;
++		POLICY_CONSTRAINTS_free;
++		EVP_PKEY_add1_attr_by_NID;
++		BN_nist_mod_192;
++		EC_GROUP_get_trinomial_basis;
++		STORE_set_method;
++		GENERAL_SUBTREE_free;
++		NAME_CONSTRAINTS_it;
++		ECDH_get_default_method;
++		PKCS12_add_safe;
++		EC_KEY_new_by_curve_name;
++		STORE_meth_get_update_store_fn;
++		STORE_method_get_update_store_function;
++		ENGINE_register_ECDH;
++		SHA512_Update;
++		i2d_ECPrivateKey;
++		BN_get0_nist_prime_192;
++		STORE_modify_certificate;
++		EC_POINT_set_affine_coordinates_GF2m;
++		EC_POINT_set_affine_coords_GF2m;
++		BN_GF2m_mod_exp_arr;
++		STORE_ATTR_INFO_modify_number;
++		X509_keyid_get0;
++		ENGINE_load_gmp;
++		pitem_new;
++		BN_GF2m_mod_mul_arr;
++		STORE_list_public_key_endp;
++		o2i_ECPublicKey;
++		EC_KEY_copy;
++		BIO_dump_fp;
++		X509_policy_node_get0_parent;
++		EC_GROUP_check_discriminant;
++		i2o_ECPublicKey;
++		EC_KEY_precompute_mult;
++		a2i_IPADDRESS;
++		STORE_meth_set_initialise_fn;
++		STORE_method_set_initialise_function;
++		X509_STORE_CTX_set_depth;
++		X509_VERIFY_PARAM_inherit;
++		EC_POINT_point2bn;
++		STORE_ATTR_INFO_set_dn;
++		X509_policy_tree_get0_policies;
++		EC_GROUP_new_curve_GF2m;
++		STORE_destroy_method;
++		ENGINE_unregister_STORE;
++		EVP_PKEY_get1_EC_KEY;
++		STORE_ATTR_INFO_get0_number;
++		ENGINE_get_default_ECDH;
++		EC_KEY_get_conv_form;
++		ASN1_OCTET_STRING_NDEF_it;
++		STORE_delete_public_key;
++		STORE_get_public_key;
++		STORE_modify_arbitrary;
++		ENGINE_get_static_state;
++		pqueue_iterator;
++		ECDSA_SIG_new;
++		OPENSSL_DIR_end;
++		BN_GF2m_mod_sqr;
++		EC_POINT_bn2point;
++		X509_VERIFY_PARAM_set_depth;
++		EC_KEY_set_asn1_flag;
++		STORE_get_method;
++		EC_KEY_get_key_method_data;
++		ECDSA_sign_ex;
++		STORE_parse_attrs_end;
++		EC_GROUP_get_point_conversion_form;
++		EC_GROUP_get_point_conv_form;
++		STORE_method_set_store_function;
++		STORE_ATTR_INFO_in;
++		PEM_read_bio_ECPKParameters;
++		EC_GROUP_get_pentanomial_basis;
++		EVP_PKEY_add1_attr_by_txt;
++		BN_BLINDING_set_flags;
++		X509_VERIFY_PARAM_set1_policies;
++		X509_VERIFY_PARAM_set1_name;
++		X509_VERIFY_PARAM_set_purpose;
++		STORE_get_number;
++		ECDSA_sign_setup;
++		BN_GF2m_mod_solve_quad_arr;
++		EC_KEY_up_ref;
++		POLICY_MAPPING_free;
++		BN_GF2m_mod_div;
++		X509_VERIFY_PARAM_set_flags;
++		EC_KEY_free;
++		STORE_meth_set_list_next_fn;
++		STORE_method_set_list_next_function;
++		PEM_write_bio_ECPrivateKey;
++		d2i_EC_PUBKEY;
++		STORE_meth_get_generate_fn;
++		STORE_method_get_generate_function;
++		STORE_meth_set_list_end_fn;
++		STORE_method_set_list_end_function;
++		pqueue_print;
++		EC_GROUP_have_precompute_mult;
++		EC_KEY_print_fp;
++		BN_GF2m_mod_arr;
++		PEM_write_bio_X509_CERT_PAIR;
++		EVP_PKEY_cmp;
++		X509_policy_level_node_count;
++		STORE_new_engine;
++		STORE_list_public_key_start;
++		X509_VERIFY_PARAM_new;
++		ECDH_get_ex_data;
++		EVP_PKEY_get_attr;
++		ECDSA_do_sign;
++		ENGINE_unregister_ECDH;
++		ECDH_OpenSSL;
++		EC_KEY_set_conv_form;
++		EC_POINT_dup;
++		GENERAL_SUBTREE_new;
++		STORE_list_crl_endp;
++		EC_get_builtin_curves;
++		X509_policy_node_get0_qualifiers;
++		X509_pcy_node_get0_qualifiers;
++		STORE_list_crl_end;
++		EVP_PKEY_set1_EC_KEY;
++		BN_GF2m_mod_sqrt_arr;
++		i2d_ECPrivateKey_bio;
++		ECPKParameters_print_fp;
++		pqueue_find;
++		ECDSA_SIG_free;
++		PEM_write_bio_ECPKParameters;
++		STORE_method_set_ctrl_function;
++		STORE_list_public_key_end;
++		EC_KEY_set_private_key;
++		pqueue_peek;
++		STORE_get_arbitrary;
++		STORE_store_crl;
++		X509_policy_node_get0_policy;
++		PKCS12_add_safes;
++		BN_BLINDING_convert_ex;
++		X509_policy_tree_free;
++		OPENSSL_ia32cap_loc;
++		BN_GF2m_poly2arr;
++		STORE_ctrl;
++		STORE_ATTR_INFO_compare;
++		BN_get0_nist_prime_224;
++		i2d_ECParameters;
++		i2d_ECPKParameters;
++		BN_GENCB_call;
++		d2i_ECPKParameters;
++		STORE_meth_set_generate_fn;
++		STORE_method_set_generate_function;
++		ENGINE_set_ECDH;
++		NAME_CONSTRAINTS_new;
++		SHA256_Init;
++		EC_KEY_get0_public_key;
++		PEM_write_bio_EC_PUBKEY;
++		STORE_ATTR_INFO_set_cstr;
++		STORE_list_crl_next;
++		STORE_ATTR_INFO_in_range;
++		ECParameters_print;
++		STORE_meth_set_delete_fn;
++		STORE_method_set_delete_function;
++		STORE_list_certificate_next;
++		ASN1_generate_nconf;
++		BUF_memdup;
++		BN_GF2m_mod_mul;
++		STORE_meth_get_list_next_fn;
++		STORE_method_get_list_next_function;
++		STORE_ATTR_INFO_get0_dn;
++		STORE_list_private_key_next;
++		EC_GROUP_set_seed;
++		X509_VERIFY_PARAM_set_trust;
++		STORE_ATTR_INFO_free;
++		STORE_get_private_key;
++		EVP_PKEY_get_attr_count;
++		STORE_ATTR_INFO_new;
++		EC_GROUP_get_curve_GF2m;
++		STORE_meth_set_revoke_fn;
++		STORE_method_set_revoke_function;
++		STORE_store_number;
++		BN_is_prime_ex;
++		STORE_revoke_public_key;
++		X509_STORE_CTX_get0_param;
++		STORE_delete_arbitrary;
++		PEM_read_X509_CERT_PAIR;
++		X509_STORE_set_depth;
++		ECDSA_get_ex_data;
++		SHA224;
++		BIO_dump_indent_fp;
++		EC_KEY_set_group;
++		BUF_strndup;
++		STORE_list_certificate_start;
++		BN_GF2m_mod;
++		X509_REQ_check_private_key;
++		EC_GROUP_get_seed_len;
++		ERR_load_STORE_strings;
++		PEM_read_bio_EC_PUBKEY;
++		STORE_list_private_key_end;
++		i2d_EC_PUBKEY;
++		ECDSA_get_default_method;
++		ASN1_put_eoc;
++		X509_STORE_CTX_get_explicit_policy;
++		X509_STORE_CTX_get_expl_policy;
++		X509_VERIFY_PARAM_table_cleanup;
++		STORE_modify_private_key;
++		X509_VERIFY_PARAM_free;
++		EC_METHOD_get_field_type;
++		EC_GFp_nist_method;
++		STORE_meth_set_modify_fn;
++		STORE_method_set_modify_function;
++		STORE_parse_attrs_next;
++		ENGINE_load_padlock;
++		EC_GROUP_set_curve_name;
++		X509_CERT_PAIR_it;
++		STORE_meth_get_revoke_fn;
++		STORE_method_get_revoke_function;
++		STORE_method_set_get_function;
++		STORE_modify_number;
++		STORE_method_get_store_function;
++		STORE_store_private_key;
++		BN_GF2m_mod_sqr_arr;
++		RSA_setup_blinding;
++		BIO_s_datagram;
++		STORE_Memory;
++		sk_find_ex;
++		EC_GROUP_set_curve_GF2m;
++		ENGINE_set_default_ECDSA;
++		POLICY_CONSTRAINTS_new;
++		BN_GF2m_mod_sqrt;
++		ECDH_set_default_method;
++		EC_KEY_generate_key;
++		SHA384_Update;
++		BN_GF2m_arr2poly;
++		STORE_method_get_get_function;
++		STORE_meth_set_cleanup_fn;
++		STORE_method_set_cleanup_function;
++		EC_GROUP_check;
++		d2i_ECPrivateKey_bio;
++		EC_KEY_insert_key_method_data;
++		STORE_meth_get_lock_store_fn;
++		STORE_method_get_lock_store_function;
++		X509_VERIFY_PARAM_get_depth;
++		SHA224_Final;
++		STORE_meth_set_update_store_fn;
++		STORE_method_set_update_store_function;
++		SHA224_Update;
++		d2i_ECPrivateKey;
++		ASN1_item_ndef_i2d;
++		STORE_delete_private_key;
++		ERR_pop_to_mark;
++		ENGINE_register_all_STORE;
++		X509_policy_level_get0_node;
++		i2d_PKCS7_NDEF;
++		EC_GROUP_get_degree;
++		ASN1_generate_v3;
++		STORE_ATTR_INFO_modify_cstr;
++		X509_policy_tree_level_count;
++		BN_GF2m_add;
++		EC_KEY_get0_group;
++		STORE_generate_crl;
++		STORE_store_public_key;
++		X509_CERT_PAIR_free;
++		STORE_revoke_private_key;
++		BN_nist_mod_224;
++		SHA512_Final;
++		STORE_ATTR_INFO_modify_dn;
++		STORE_meth_get_initialise_fn;
++		STORE_method_get_initialise_function;
++		STORE_delete_number;
++		i2d_EC_PUBKEY_bio;
++		BIO_dgram_non_fatal_error;
++		EC_GROUP_get_asn1_flag;
++		STORE_ATTR_INFO_in_ex;
++		STORE_list_crl_start;
++		ECDH_get_ex_new_index;
++		STORE_meth_get_modify_fn;
++		STORE_method_get_modify_function;
++		v2i_ASN1_BIT_STRING;
++		STORE_store_certificate;
++		OBJ_bsearch_ex;
++		X509_STORE_CTX_set_default;
++		STORE_ATTR_INFO_set_sha1str;
++		BN_GF2m_mod_inv;
++		BN_GF2m_mod_exp;
++		STORE_modify_public_key;
++		STORE_meth_get_list_start_fn;
++		STORE_method_get_list_start_function;
++		EC_GROUP_get0_seed;
++		STORE_store_arbitrary;
++		STORE_meth_set_unlock_store_fn;
++		STORE_method_set_unlock_store_function;
++		BN_GF2m_mod_div_arr;
++		ENGINE_set_ECDSA;
++		STORE_create_method;
++		ECPKParameters_print;
++		EC_KEY_get0_private_key;
++		PEM_write_EC_PUBKEY;
++		X509_VERIFY_PARAM_set1;
++		ECDH_set_method;
++		v2i_GENERAL_NAME_ex;
++		ECDH_set_ex_data;
++		STORE_generate_key;
++		BN_nist_mod_521;
++		X509_policy_tree_get0_level;
++		EC_GROUP_set_point_conversion_form;
++		EC_GROUP_set_point_conv_form;
++		PEM_read_EC_PUBKEY;
++		i2d_ECDSA_SIG;
++		ECDSA_OpenSSL;
++		STORE_delete_crl;
++		EC_KEY_get_enc_flags;
++		ASN1_const_check_infinite_end;
++		EVP_PKEY_delete_attr;
++		ECDSA_set_default_method;
++		EC_POINT_set_compressed_coordinates_GF2m;
++		EC_POINT_set_compr_coords_GF2m;
++		EC_GROUP_cmp;
++		STORE_revoke_certificate;
++		BN_get0_nist_prime_256;
++		STORE_meth_get_delete_fn;
++		STORE_method_get_delete_function;
++		SHA224_Init;
++		PEM_read_ECPrivateKey;
++		SHA512_Init;
++		STORE_parse_attrs_endp;
++		BN_set_negative;
++		ERR_load_ECDSA_strings;
++		EC_GROUP_get_basis_type;
++		STORE_list_public_key_next;
++		i2v_ASN1_BIT_STRING;
++		STORE_OBJECT_free;
++		BN_nist_mod_384;
++		i2d_X509_CERT_PAIR;
++		PEM_write_ECPKParameters;
++		ECDH_compute_key;
++		STORE_ATTR_INFO_get0_sha1str;
++		ENGINE_register_all_ECDH;
++		pqueue_pop;
++		STORE_ATTR_INFO_get0_cstr;
++		POLICY_CONSTRAINTS_it;
++		STORE_get_ex_new_index;
++		EVP_PKEY_get_attr_by_OBJ;
++		X509_VERIFY_PARAM_add0_policy;
++		BN_GF2m_mod_solve_quad;
++		SHA256;
++		i2d_ECPrivateKey_fp;
++		X509_policy_tree_get0_user_policies;
++		X509_pcy_tree_get0_usr_policies;
++		OPENSSL_DIR_read;
++		ENGINE_register_all_ECDSA;
++		X509_VERIFY_PARAM_lookup;
++		EC_POINT_get_affine_coordinates_GF2m;
++		EC_POINT_get_affine_coords_GF2m;
++		EC_GROUP_dup;
++		ENGINE_get_default_ECDSA;
++		EC_KEY_new;
++		SHA256_Transform;
++		EC_KEY_set_enc_flags;
++		ECDSA_verify;
++		EC_POINT_point2hex;
++		ENGINE_get_STORE;
++		SHA512;
++		STORE_get_certificate;
++		ECDSA_do_sign_ex;
++		ECDSA_do_verify;
++		d2i_ECPrivateKey_fp;
++		STORE_delete_certificate;
++		SHA512_Transform;
++		X509_STORE_set1_param;
++		STORE_method_get_ctrl_function;
++		STORE_free;
++		PEM_write_ECPrivateKey;
++		STORE_meth_get_unlock_store_fn;
++		STORE_method_get_unlock_store_function;
++		STORE_get_ex_data;
++		EC_KEY_set_public_key;
++		PEM_read_ECPKParameters;
++		X509_CERT_PAIR_new;
++		ENGINE_register_STORE;
++		RSA_generate_key_ex;
++		DSA_generate_parameters_ex;
++		ECParameters_print_fp;
++		X509V3_NAME_from_section;
++		EVP_PKEY_add1_attr;
++		STORE_modify_crl;
++		STORE_list_private_key_start;
++		POLICY_MAPPINGS_it;
++		GENERAL_SUBTREE_it;
++		EC_GROUP_get_curve_name;
++		PEM_write_X509_CERT_PAIR;
++		BIO_dump_indent_cb;
++		d2i_X509_CERT_PAIR;
++		STORE_list_private_key_endp;
++		asn1_const_Finish;
++		i2d_EC_PUBKEY_fp;
++		BN_nist_mod_256;
++		X509_VERIFY_PARAM_add0_table;
++		pqueue_free;
++		BN_BLINDING_create_param;
++		ECDSA_size;
++		d2i_EC_PUBKEY_bio;
++		BN_get0_nist_prime_521;
++		STORE_ATTR_INFO_modify_sha1str;
++		BN_generate_prime_ex;
++		EC_GROUP_new_by_curve_name;
++		SHA256_Final;
++		DH_generate_parameters_ex;
++		PEM_read_bio_ECPrivateKey;
++		STORE_meth_get_cleanup_fn;
++		STORE_method_get_cleanup_function;
++		ENGINE_get_ECDH;
++		d2i_ECDSA_SIG;
++		BN_is_prime_fasttest_ex;
++		ECDSA_sign;
++		X509_policy_check;
++		EVP_PKEY_get_attr_by_NID;
++		STORE_set_ex_data;
++		ENGINE_get_ECDSA;
++		EVP_ecdsa;
++		BN_BLINDING_get_flags;
++		PKCS12_add_cert;
++		STORE_OBJECT_new;
++		ERR_load_ECDH_strings;
++		EC_KEY_dup;
++		EVP_CIPHER_CTX_rand_key;
++		ECDSA_set_method;
++		a2i_IPADDRESS_NC;
++		d2i_ECParameters;
++		STORE_list_certificate_end;
++		STORE_get_crl;
++		X509_POLICY_NODE_print;
++		SHA384_Init;
++		EC_GF2m_simple_method;
++		ECDSA_set_ex_data;
++		SHA384_Final;
++		PKCS7_set_digest;
++		EC_KEY_print;
++		STORE_meth_set_lock_store_fn;
++		STORE_method_set_lock_store_function;
++		ECDSA_get_ex_new_index;
++		SHA384;
++		POLICY_MAPPING_new;
++		STORE_list_certificate_endp;
++		X509_STORE_CTX_get0_policy_tree;
++		EC_GROUP_set_asn1_flag;
++		EC_KEY_check_key;
++		d2i_EC_PUBKEY_fp;
++		PKCS7_set0_type_other;
++		PEM_read_bio_X509_CERT_PAIR;
++		pqueue_next;
++		STORE_meth_get_list_end_fn;
++		STORE_method_get_list_end_function;
++		EVP_PKEY_add1_attr_by_OBJ;
++		X509_VERIFY_PARAM_set_time;
++		pqueue_new;
++		ENGINE_set_default_ECDH;
++		STORE_new_method;
++		PKCS12_add_key;
++		DSO_merge;
++		EC_POINT_hex2point;
++		BIO_dump_cb;
++		SHA256_Update;
++		pqueue_insert;
++		pitem_free;
++		BN_GF2m_mod_inv_arr;
++		ENGINE_unregister_ECDSA;
++		BN_BLINDING_set_thread_id;
++		get_rfc3526_prime_8192;
++		X509_VERIFY_PARAM_clear_flags;
++		get_rfc2409_prime_1024;
++		DH_check_pub_key;
++		get_rfc3526_prime_2048;
++		get_rfc3526_prime_6144;
++		get_rfc3526_prime_1536;
++		get_rfc3526_prime_3072;
++		get_rfc3526_prime_4096;
++		get_rfc2409_prime_768;
++		X509_VERIFY_PARAM_get_flags;
++		EVP_CIPHER_CTX_new;
++		EVP_CIPHER_CTX_free;
++		Camellia_cbc_encrypt;
++		Camellia_cfb128_encrypt;
++		Camellia_cfb1_encrypt;
++		Camellia_cfb8_encrypt;
++		Camellia_ctr128_encrypt;
++		Camellia_cfbr_encrypt_block;
++		Camellia_decrypt;
++		Camellia_ecb_encrypt;
++		Camellia_encrypt;
++		Camellia_ofb128_encrypt;
++		Camellia_set_key;
++		EVP_camellia_128_cbc;
++		EVP_camellia_128_cfb128;
++		EVP_camellia_128_cfb1;
++		EVP_camellia_128_cfb8;
++		EVP_camellia_128_ecb;
++		EVP_camellia_128_ofb;
++		EVP_camellia_192_cbc;
++		EVP_camellia_192_cfb128;
++		EVP_camellia_192_cfb1;
++		EVP_camellia_192_cfb8;
++		EVP_camellia_192_ecb;
++		EVP_camellia_192_ofb;
++		EVP_camellia_256_cbc;
++		EVP_camellia_256_cfb128;
++		EVP_camellia_256_cfb1;
++		EVP_camellia_256_cfb8;
++		EVP_camellia_256_ecb;
++		EVP_camellia_256_ofb;
++		a2i_ipadd;
++		ASIdentifiers_free;
++		i2d_ASIdOrRange;
++		EVP_CIPHER_block_size;
++		v3_asid_is_canonical;
++		IPAddressChoice_free;
++		EVP_CIPHER_CTX_set_app_data;
++		BIO_set_callback_arg;
++		v3_addr_add_prefix;
++		IPAddressOrRange_it;
++		BIO_set_flags;
++		ASIdentifiers_it;
++		v3_addr_get_range;
++		BIO_method_type;
++		v3_addr_inherits;
++		IPAddressChoice_it;
++		AES_ige_encrypt;
++		v3_addr_add_range;
++		EVP_CIPHER_CTX_nid;
++		d2i_ASRange;
++		v3_addr_add_inherit;
++		v3_asid_add_id_or_range;
++		v3_addr_validate_resource_set;
++		EVP_CIPHER_iv_length;
++		EVP_MD_type;
++		v3_asid_canonize;
++		IPAddressRange_free;
++		v3_asid_add_inherit;
++		EVP_CIPHER_CTX_key_length;
++		IPAddressRange_new;
++		ASIdOrRange_new;
++		EVP_MD_size;
++		EVP_MD_CTX_test_flags;
++		BIO_clear_flags;
++		i2d_ASRange;
++		IPAddressRange_it;
++		IPAddressChoice_new;
++		ASIdentifierChoice_new;
++		ASRange_free;
++		EVP_MD_pkey_type;
++		EVP_MD_CTX_clear_flags;
++		IPAddressFamily_free;
++		i2d_IPAddressFamily;
++		IPAddressOrRange_new;
++		EVP_CIPHER_flags;
++		v3_asid_validate_resource_set;
++		d2i_IPAddressRange;
++		AES_bi_ige_encrypt;
++		BIO_get_callback;
++		IPAddressOrRange_free;
++		v3_addr_subset;
++		d2i_IPAddressFamily;
++		v3_asid_subset;
++		BIO_test_flags;
++		i2d_ASIdentifierChoice;
++		ASRange_it;
++		d2i_ASIdentifiers;
++		ASRange_new;
++		d2i_IPAddressChoice;
++		v3_addr_get_afi;
++		EVP_CIPHER_key_length;
++		EVP_Cipher;
++		i2d_IPAddressOrRange;
++		ASIdOrRange_it;
++		EVP_CIPHER_nid;
++		i2d_IPAddressChoice;
++		EVP_CIPHER_CTX_block_size;
++		ASIdentifiers_new;
++		v3_addr_validate_path;
++		IPAddressFamily_new;
++		EVP_MD_CTX_set_flags;
++		v3_addr_is_canonical;
++		i2d_IPAddressRange;
++		IPAddressFamily_it;
++		v3_asid_inherits;
++		EVP_CIPHER_CTX_cipher;
++		EVP_CIPHER_CTX_get_app_data;
++		EVP_MD_block_size;
++		EVP_CIPHER_CTX_flags;
++		v3_asid_validate_path;
++		d2i_IPAddressOrRange;
++		v3_addr_canonize;
++		ASIdentifierChoice_it;
++		EVP_MD_CTX_md;
++		d2i_ASIdentifierChoice;
++		BIO_method_name;
++		EVP_CIPHER_CTX_iv_length;
++		ASIdOrRange_free;
++		ASIdentifierChoice_free;
++		BIO_get_callback_arg;
++		BIO_set_callback;
++		d2i_ASIdOrRange;
++		i2d_ASIdentifiers;
++		SEED_decrypt;
++		SEED_encrypt;
++		SEED_cbc_encrypt;
++		EVP_seed_ofb;
++		SEED_cfb128_encrypt;
++		SEED_ofb128_encrypt;
++		EVP_seed_cbc;
++		SEED_ecb_encrypt;
++		EVP_seed_ecb;
++		SEED_set_key;
++		EVP_seed_cfb128;
++		X509_EXTENSIONS_it;
++		X509_get1_ocsp;
++		OCSP_REQ_CTX_free;
++		i2d_X509_EXTENSIONS;
++		OCSP_sendreq_nbio;
++		OCSP_sendreq_new;
++		d2i_X509_EXTENSIONS;
++		X509_ALGORS_it;
++		X509_ALGOR_get0;
++		X509_ALGOR_set0;
++		AES_unwrap_key;
++		AES_wrap_key;
++		X509at_get0_data_by_OBJ;
++		ASN1_TYPE_set1;
++		ASN1_STRING_set0;
++		i2d_X509_ALGORS;
++		BIO_f_zlib;
++		COMP_zlib_cleanup;
++		d2i_X509_ALGORS;
++		CMS_ReceiptRequest_free;
++		PEM_write_CMS;
++		CMS_add0_CertificateChoices;
++		CMS_unsigned_add1_attr_by_OBJ;
++		ERR_load_CMS_strings;
++		CMS_sign_receipt;
++		i2d_CMS_ContentInfo;
++		CMS_signed_delete_attr;
++		d2i_CMS_bio;
++		CMS_unsigned_get_attr_by_NID;
++		CMS_verify;
++		SMIME_read_CMS;
++		CMS_decrypt_set1_key;
++		CMS_SignerInfo_get0_algs;
++		CMS_add1_cert;
++		CMS_set_detached;
++		CMS_encrypt;
++		CMS_EnvelopedData_create;
++		CMS_uncompress;
++		CMS_add0_crl;
++		CMS_SignerInfo_verify_content;
++		CMS_unsigned_get0_data_by_OBJ;
++		PEM_write_bio_CMS;
++		CMS_unsigned_get_attr;
++		CMS_RecipientInfo_ktri_cert_cmp;
++		CMS_RecipientInfo_ktri_get0_algs;
++		CMS_RecipInfo_ktri_get0_algs;
++		CMS_ContentInfo_free;
++		CMS_final;
++		CMS_add_simple_smimecap;
++		CMS_SignerInfo_verify;
++		CMS_data;
++		CMS_ContentInfo_it;
++		d2i_CMS_ReceiptRequest;
++		CMS_compress;
++		CMS_digest_create;
++		CMS_SignerInfo_cert_cmp;
++		CMS_SignerInfo_sign;
++		CMS_data_create;
++		i2d_CMS_bio;
++		CMS_EncryptedData_set1_key;
++		CMS_decrypt;
++		int_smime_write_ASN1;
++		CMS_unsigned_delete_attr;
++		CMS_unsigned_get_attr_count;
++		CMS_add_smimecap;
++		PEM_read_CMS;
++		CMS_signed_get_attr_by_OBJ;
++		d2i_CMS_ContentInfo;
++		CMS_add_standard_smimecap;
++		CMS_ContentInfo_new;
++		CMS_RecipientInfo_type;
++		CMS_get0_type;
++		CMS_is_detached;
++		CMS_sign;
++		CMS_signed_add1_attr;
++		CMS_unsigned_get_attr_by_OBJ;
++		SMIME_write_CMS;
++		CMS_EncryptedData_decrypt;
++		CMS_get0_RecipientInfos;
++		CMS_add0_RevocationInfoChoice;
++		CMS_decrypt_set1_pkey;
++		CMS_SignerInfo_set1_signer_cert;
++		CMS_get0_signers;
++		CMS_ReceiptRequest_get0_values;
++		CMS_signed_get0_data_by_OBJ;
++		CMS_get0_SignerInfos;
++		CMS_add0_cert;
++		CMS_EncryptedData_encrypt;
++		CMS_digest_verify;
++		CMS_set1_signers_certs;
++		CMS_signed_get_attr;
++		CMS_RecipientInfo_set0_key;
++		CMS_SignedData_init;
++		CMS_RecipientInfo_kekri_get0_id;
++		CMS_verify_receipt;
++		CMS_ReceiptRequest_it;
++		PEM_read_bio_CMS;
++		CMS_get1_crls;
++		CMS_add0_recipient_key;
++		SMIME_read_ASN1;
++		CMS_ReceiptRequest_new;
++		CMS_get0_content;
++		CMS_get1_ReceiptRequest;
++		CMS_signed_add1_attr_by_OBJ;
++		CMS_RecipientInfo_kekri_id_cmp;
++		CMS_add1_ReceiptRequest;
++		CMS_SignerInfo_get0_signer_id;
++		CMS_unsigned_add1_attr_by_NID;
++		CMS_unsigned_add1_attr;
++		CMS_signed_get_attr_by_NID;
++		CMS_get1_certs;
++		CMS_signed_add1_attr_by_NID;
++		CMS_unsigned_add1_attr_by_txt;
++		CMS_dataFinal;
++		CMS_RecipientInfo_ktri_get0_signer_id;
++		CMS_RecipInfo_ktri_get0_sigr_id;
++		i2d_CMS_ReceiptRequest;
++		CMS_add1_recipient_cert;
++		CMS_dataInit;
++		CMS_signed_add1_attr_by_txt;
++		CMS_RecipientInfo_decrypt;
++		CMS_signed_get_attr_count;
++		CMS_get0_eContentType;
++		CMS_set1_eContentType;
++		CMS_ReceiptRequest_create0;
++		CMS_add1_signer;
++		CMS_RecipientInfo_set0_pkey;
++		ENGINE_set_load_ssl_client_cert_function;
++		ENGINE_set_ld_ssl_clnt_cert_fn;
++		ENGINE_get_ssl_client_cert_function;
++		ENGINE_get_ssl_client_cert_fn;
++		ENGINE_load_ssl_client_cert;
++		ENGINE_load_capi;
++		OPENSSL_isservice;
++		FIPS_dsa_sig_decode;
++		EVP_CIPHER_CTX_clear_flags;
++		FIPS_rand_status;
++		FIPS_rand_set_key;
++		CRYPTO_set_mem_info_functions;
++		RSA_X931_generate_key_ex;
++		int_ERR_set_state_func;
++		int_EVP_MD_set_engine_callbacks;
++		int_CRYPTO_set_do_dynlock_callback;
++		FIPS_rng_stick;
++		EVP_CIPHER_CTX_set_flags;
++		BN_X931_generate_prime_ex;
++		FIPS_selftest_check;
++		FIPS_rand_set_dt;
++		CRYPTO_dbg_pop_info;
++		FIPS_dsa_free;
++		RSA_X931_derive_ex;
++		FIPS_rsa_new;
++		FIPS_rand_bytes;
++		fips_cipher_test;
++		EVP_CIPHER_CTX_test_flags;
++		CRYPTO_malloc_debug_init;
++		CRYPTO_dbg_push_info;
++		FIPS_corrupt_rsa_keygen;
++		FIPS_dh_new;
++		FIPS_corrupt_dsa_keygen;
++		FIPS_dh_free;
++		fips_pkey_signature_test;
++		EVP_add_alg_module;
++		int_RAND_init_engine_callbacks;
++		int_EVP_CIPHER_set_engine_callbacks;
++		int_EVP_MD_init_engine_callbacks;
++		FIPS_rand_test_mode;
++		FIPS_rand_reset;
++		FIPS_dsa_new;
++		int_RAND_set_callbacks;
++		BN_X931_derive_prime_ex;
++		int_ERR_lib_init;
++		int_EVP_CIPHER_init_engine_callbacks;
++		FIPS_rsa_free;
++		FIPS_dsa_sig_encode;
++		CRYPTO_dbg_remove_all_info;
++		OPENSSL_init;
++		CRYPTO_strdup;
++		JPAKE_STEP3A_process;
++		JPAKE_STEP1_release;
++		JPAKE_get_shared_key;
++		JPAKE_STEP3B_init;
++		JPAKE_STEP1_generate;
++		JPAKE_STEP1_init;
++		JPAKE_STEP3B_process;
++		JPAKE_STEP2_generate;
++		JPAKE_CTX_new;
++		JPAKE_CTX_free;
++		JPAKE_STEP3B_release;
++		JPAKE_STEP3A_release;
++		JPAKE_STEP2_process;
++		JPAKE_STEP3B_generate;
++		JPAKE_STEP1_process;
++		JPAKE_STEP3A_generate;
++		JPAKE_STEP2_release;
++		JPAKE_STEP3A_init;
++		ERR_load_JPAKE_strings;
++		JPAKE_STEP2_init;
++		pqueue_size;
++		i2d_TS_ACCURACY;
++		i2d_TS_MSG_IMPRINT_fp;
++		i2d_TS_MSG_IMPRINT;
++		EVP_PKEY_print_public;
++		EVP_PKEY_CTX_new;
++		i2d_TS_TST_INFO;
++		EVP_PKEY_asn1_find;
++		DSO_METHOD_beos;
++		TS_CONF_load_cert;
++		TS_REQ_get_ext;
++		EVP_PKEY_sign_init;
++		ASN1_item_print;
++		TS_TST_INFO_set_nonce;
++		TS_RESP_dup;
++		ENGINE_register_pkey_meths;
++		EVP_PKEY_asn1_add0;
++		PKCS7_add0_attrib_signing_time;
++		i2d_TS_TST_INFO_fp;
++		BIO_asn1_get_prefix;
++		TS_TST_INFO_set_time;
++		EVP_PKEY_meth_set_decrypt;
++		EVP_PKEY_set_type_str;
++		EVP_PKEY_CTX_get_keygen_info;
++		TS_REQ_set_policy_id;
++		d2i_TS_RESP_fp;
++		ENGINE_get_pkey_asn1_meth_engine;
++		ENGINE_get_pkey_asn1_meth_eng;
++		WHIRLPOOL_Init;
++		TS_RESP_set_status_info;
++		EVP_PKEY_keygen;
++		EVP_DigestSignInit;
++		TS_ACCURACY_set_millis;
++		TS_REQ_dup;
++		GENERAL_NAME_dup;
++		ASN1_SEQUENCE_ANY_it;
++		WHIRLPOOL;
++		X509_STORE_get1_crls;
++		ENGINE_get_pkey_asn1_meth;
++		EVP_PKEY_asn1_new;
++		BIO_new_NDEF;
++		ENGINE_get_pkey_meth;
++		TS_MSG_IMPRINT_set_algo;
++		i2d_TS_TST_INFO_bio;
++		TS_TST_INFO_set_ordering;
++		TS_TST_INFO_get_ext_by_OBJ;
++		CRYPTO_THREADID_set_pointer;
++		TS_CONF_get_tsa_section;
++		SMIME_write_ASN1;
++		TS_RESP_CTX_set_signer_key;
++		EVP_PKEY_encrypt_old;
++		EVP_PKEY_encrypt_init;
++		CRYPTO_THREADID_cpy;
++		ASN1_PCTX_get_cert_flags;
++		i2d_ESS_SIGNING_CERT;
++		TS_CONF_load_key;
++		i2d_ASN1_SEQUENCE_ANY;
++		d2i_TS_MSG_IMPRINT_bio;
++		EVP_PKEY_asn1_set_public;
++		b2i_PublicKey_bio;
++		BIO_asn1_set_prefix;
++		EVP_PKEY_new_mac_key;
++		BIO_new_CMS;
++		CRYPTO_THREADID_cmp;
++		TS_REQ_ext_free;
++		EVP_PKEY_asn1_set_free;
++		EVP_PKEY_get0_asn1;
++		d2i_NETSCAPE_X509;
++		EVP_PKEY_verify_recover_init;
++		EVP_PKEY_CTX_set_data;
++		EVP_PKEY_keygen_init;
++		TS_RESP_CTX_set_status_info;
++		TS_MSG_IMPRINT_get_algo;
++		TS_REQ_print_bio;
++		EVP_PKEY_CTX_ctrl_str;
++		EVP_PKEY_get_default_digest_nid;
++		PEM_write_bio_PKCS7_stream;
++		TS_MSG_IMPRINT_print_bio;
++		BN_asc2bn;
++		TS_REQ_get_policy_id;
++		ENGINE_set_default_pkey_asn1_meths;
++		ENGINE_set_def_pkey_asn1_meths;
++		d2i_TS_ACCURACY;
++		DSO_global_lookup;
++		TS_CONF_set_tsa_name;
++		i2d_ASN1_SET_ANY;
++		ENGINE_load_gost;
++		WHIRLPOOL_BitUpdate;
++		ASN1_PCTX_get_flags;
++		TS_TST_INFO_get_ext_by_NID;
++		TS_RESP_new;
++		ESS_CERT_ID_dup;
++		TS_STATUS_INFO_dup;
++		TS_REQ_delete_ext;
++		EVP_DigestVerifyFinal;
++		EVP_PKEY_print_params;
++		i2d_CMS_bio_stream;
++		TS_REQ_get_msg_imprint;
++		OBJ_find_sigid_by_algs;
++		TS_TST_INFO_get_serial;
++		TS_REQ_get_nonce;
++		X509_PUBKEY_set0_param;
++		EVP_PKEY_CTX_set0_keygen_info;
++		DIST_POINT_set_dpname;
++		i2d_ISSUING_DIST_POINT;
++		ASN1_SET_ANY_it;
++		EVP_PKEY_CTX_get_data;
++		TS_STATUS_INFO_print_bio;
++		EVP_PKEY_derive_init;
++		d2i_TS_TST_INFO;
++		EVP_PKEY_asn1_add_alias;
++		d2i_TS_RESP_bio;
++		OTHERNAME_cmp;
++		GENERAL_NAME_set0_value;
++		PKCS7_RECIP_INFO_get0_alg;
++		TS_RESP_CTX_new;
++		TS_RESP_set_tst_info;
++		PKCS7_final;
++		EVP_PKEY_base_id;
++		TS_RESP_CTX_set_signer_cert;
++		TS_REQ_set_msg_imprint;
++		EVP_PKEY_CTX_ctrl;
++		TS_CONF_set_digests;
++		d2i_TS_MSG_IMPRINT;
++		EVP_PKEY_meth_set_ctrl;
++		TS_REQ_get_ext_by_NID;
++		PKCS5_pbe_set0_algor;
++		BN_BLINDING_thread_id;
++		TS_ACCURACY_new;
++		X509_CRL_METHOD_free;
++		ASN1_PCTX_get_nm_flags;
++		EVP_PKEY_meth_set_sign;
++		CRYPTO_THREADID_current;
++		EVP_PKEY_decrypt_init;
++		NETSCAPE_X509_free;
++		i2b_PVK_bio;
++		EVP_PKEY_print_private;
++		GENERAL_NAME_get0_value;
++		b2i_PVK_bio;
++		ASN1_UTCTIME_adj;
++		TS_TST_INFO_new;
++		EVP_MD_do_all_sorted;
++		TS_CONF_set_default_engine;
++		TS_ACCURACY_set_seconds;
++		TS_TST_INFO_get_time;
++		PKCS8_pkey_get0;
++		EVP_PKEY_asn1_get0;
++		OBJ_add_sigid;
++		PKCS7_SIGNER_INFO_sign;
++		EVP_PKEY_paramgen_init;
++		EVP_PKEY_sign;
++		OBJ_sigid_free;
++		EVP_PKEY_meth_set_init;
++		d2i_ESS_ISSUER_SERIAL;
++		ISSUING_DIST_POINT_new;
++		ASN1_TIME_adj;
++		TS_OBJ_print_bio;
++		EVP_PKEY_meth_set_verify_recover;
++		EVP_PKEY_meth_set_vrfy_recover;
++		TS_RESP_get_status_info;
++		CMS_stream;
++		EVP_PKEY_CTX_set_cb;
++		PKCS7_to_TS_TST_INFO;
++		ASN1_PCTX_get_oid_flags;
++		TS_TST_INFO_add_ext;
++		EVP_PKEY_meth_set_derive;
++		i2d_TS_RESP_fp;
++		i2d_TS_MSG_IMPRINT_bio;
++		TS_RESP_CTX_set_accuracy;
++		TS_REQ_set_nonce;
++		ESS_CERT_ID_new;
++		ENGINE_pkey_asn1_find_str;
++		TS_REQ_get_ext_count;
++		BUF_reverse;
++		TS_TST_INFO_print_bio;
++		d2i_ISSUING_DIST_POINT;
++		ENGINE_get_pkey_meths;
++		i2b_PrivateKey_bio;
++		i2d_TS_RESP;
++		b2i_PublicKey;
++		TS_VERIFY_CTX_cleanup;
++		TS_STATUS_INFO_free;
++		TS_RESP_verify_token;
++		OBJ_bsearch_ex_;
++		ASN1_bn_print;
++		EVP_PKEY_asn1_get_count;
++		ENGINE_register_pkey_asn1_meths;
++		ASN1_PCTX_set_nm_flags;
++		EVP_DigestVerifyInit;
++		ENGINE_set_default_pkey_meths;
++		TS_TST_INFO_get_policy_id;
++		TS_REQ_get_cert_req;
++		X509_CRL_set_meth_data;
++		PKCS8_pkey_set0;
++		ASN1_STRING_copy;
++		d2i_TS_TST_INFO_fp;
++		X509_CRL_match;
++		EVP_PKEY_asn1_set_private;
++		TS_TST_INFO_get_ext_d2i;
++		TS_RESP_CTX_add_policy;
++		d2i_TS_RESP;
++		TS_CONF_load_certs;
++		TS_TST_INFO_get_msg_imprint;
++		ERR_load_TS_strings;
++		TS_TST_INFO_get_version;
++		EVP_PKEY_CTX_dup;
++		EVP_PKEY_meth_set_verify;
++		i2b_PublicKey_bio;
++		TS_CONF_set_certs;
++		EVP_PKEY_asn1_get0_info;
++		TS_VERIFY_CTX_free;
++		TS_REQ_get_ext_by_critical;
++		TS_RESP_CTX_set_serial_cb;
++		X509_CRL_get_meth_data;
++		TS_RESP_CTX_set_time_cb;
++		TS_MSG_IMPRINT_get_msg;
++		TS_TST_INFO_ext_free;
++		TS_REQ_get_version;
++		TS_REQ_add_ext;
++		EVP_PKEY_CTX_set_app_data;
++		OBJ_bsearch_;
++		EVP_PKEY_meth_set_verifyctx;
++		i2d_PKCS7_bio_stream;
++		CRYPTO_THREADID_set_numeric;
++		PKCS7_sign_add_signer;
++		d2i_TS_TST_INFO_bio;
++		TS_TST_INFO_get_ordering;
++		TS_RESP_print_bio;
++		TS_TST_INFO_get_exts;
++		HMAC_CTX_copy;
++		PKCS5_pbe2_set_iv;
++		ENGINE_get_pkey_asn1_meths;
++		b2i_PrivateKey;
++		EVP_PKEY_CTX_get_app_data;
++		TS_REQ_set_cert_req;
++		CRYPTO_THREADID_set_callback;
++		TS_CONF_set_serial;
++		TS_TST_INFO_free;
++		d2i_TS_REQ_fp;
++		TS_RESP_verify_response;
++		i2d_ESS_ISSUER_SERIAL;
++		TS_ACCURACY_get_seconds;
++		EVP_CIPHER_do_all;
++		b2i_PrivateKey_bio;
++		OCSP_CERTID_dup;
++		X509_PUBKEY_get0_param;
++		TS_MSG_IMPRINT_dup;
++		PKCS7_print_ctx;
++		i2d_TS_REQ_bio;
++		EVP_whirlpool;
++		EVP_PKEY_asn1_set_param;
++		EVP_PKEY_meth_set_encrypt;
++		ASN1_PCTX_set_flags;
++		i2d_ESS_CERT_ID;
++		TS_VERIFY_CTX_new;
++		TS_RESP_CTX_set_extension_cb;
++		ENGINE_register_all_pkey_meths;
++		TS_RESP_CTX_set_status_info_cond;
++		TS_RESP_CTX_set_stat_info_cond;
++		EVP_PKEY_verify;
++		WHIRLPOOL_Final;
++		X509_CRL_METHOD_new;
++		EVP_DigestSignFinal;
++		TS_RESP_CTX_set_def_policy;
++		NETSCAPE_X509_it;
++		TS_RESP_create_response;
++		PKCS7_SIGNER_INFO_get0_algs;
++		TS_TST_INFO_get_nonce;
++		EVP_PKEY_decrypt_old;
++		TS_TST_INFO_set_policy_id;
++		TS_CONF_set_ess_cert_id_chain;
++		EVP_PKEY_CTX_get0_pkey;
++		d2i_TS_REQ;
++		EVP_PKEY_asn1_find_str;
++		BIO_f_asn1;
++		ESS_SIGNING_CERT_new;
++		EVP_PBE_find;
++		X509_CRL_get0_by_cert;
++		EVP_PKEY_derive;
++		i2d_TS_REQ;
++		TS_TST_INFO_delete_ext;
++		ESS_ISSUER_SERIAL_free;
++		ASN1_PCTX_set_str_flags;
++		ENGINE_get_pkey_asn1_meth_str;
++		TS_CONF_set_signer_key;
++		TS_ACCURACY_get_millis;
++		TS_RESP_get_token;
++		TS_ACCURACY_dup;
++		ENGINE_register_all_pkey_asn1_meths;
++		ENGINE_reg_all_pkey_asn1_meths;
++		X509_CRL_set_default_method;
++		CRYPTO_THREADID_hash;
++		CMS_ContentInfo_print_ctx;
++		TS_RESP_free;
++		ISSUING_DIST_POINT_free;
++		ESS_ISSUER_SERIAL_new;
++		CMS_add1_crl;
++		PKCS7_add1_attrib_digest;
++		TS_RESP_CTX_add_md;
++		TS_TST_INFO_dup;
++		ENGINE_set_pkey_asn1_meths;
++		PEM_write_bio_Parameters;
++		TS_TST_INFO_get_accuracy;
++		X509_CRL_get0_by_serial;
++		TS_TST_INFO_set_version;
++		TS_RESP_CTX_get_tst_info;
++		TS_RESP_verify_signature;
++		CRYPTO_THREADID_get_callback;
++		TS_TST_INFO_get_tsa;
++		TS_STATUS_INFO_new;
++		EVP_PKEY_CTX_get_cb;
++		TS_REQ_get_ext_d2i;
++		GENERAL_NAME_set0_othername;
++		TS_TST_INFO_get_ext_count;
++		TS_RESP_CTX_get_request;
++		i2d_NETSCAPE_X509;
++		ENGINE_get_pkey_meth_engine;
++		EVP_PKEY_meth_set_signctx;
++		EVP_PKEY_asn1_copy;
++		ASN1_TYPE_cmp;
++		EVP_CIPHER_do_all_sorted;
++		EVP_PKEY_CTX_free;
++		ISSUING_DIST_POINT_it;
++		d2i_TS_MSG_IMPRINT_fp;
++		X509_STORE_get1_certs;
++		EVP_PKEY_CTX_get_operation;
++		d2i_ESS_SIGNING_CERT;
++		TS_CONF_set_ordering;
++		EVP_PBE_alg_add_type;
++		TS_REQ_set_version;
++		EVP_PKEY_get0;
++		BIO_asn1_set_suffix;
++		i2d_TS_STATUS_INFO;
++		EVP_MD_do_all;
++		TS_TST_INFO_set_accuracy;
++		PKCS7_add_attrib_content_type;
++		ERR_remove_thread_state;
++		EVP_PKEY_meth_add0;
++		TS_TST_INFO_set_tsa;
++		EVP_PKEY_meth_new;
++		WHIRLPOOL_Update;
++		TS_CONF_set_accuracy;
++		ASN1_PCTX_set_oid_flags;
++		ESS_SIGNING_CERT_dup;
++		d2i_TS_REQ_bio;
++		X509_time_adj_ex;
++		TS_RESP_CTX_add_flags;
++		d2i_TS_STATUS_INFO;
++		TS_MSG_IMPRINT_set_msg;
++		BIO_asn1_get_suffix;
++		TS_REQ_free;
++		EVP_PKEY_meth_free;
++		TS_REQ_get_exts;
++		TS_RESP_CTX_set_clock_precision_digits;
++		TS_RESP_CTX_set_clk_prec_digits;
++		TS_RESP_CTX_add_failure_info;
++		i2d_TS_RESP_bio;
++		EVP_PKEY_CTX_get0_peerkey;
++		PEM_write_bio_CMS_stream;
++		TS_REQ_new;
++		TS_MSG_IMPRINT_new;
++		EVP_PKEY_meth_find;
++		EVP_PKEY_id;
++		TS_TST_INFO_set_serial;
++		a2i_GENERAL_NAME;
++		TS_CONF_set_crypto_device;
++		EVP_PKEY_verify_init;
++		TS_CONF_set_policies;
++		ASN1_PCTX_new;
++		ESS_CERT_ID_free;
++		ENGINE_unregister_pkey_meths;
++		TS_MSG_IMPRINT_free;
++		TS_VERIFY_CTX_init;
++		PKCS7_stream;
++		TS_RESP_CTX_set_certs;
++		TS_CONF_set_def_policy;
++		ASN1_GENERALIZEDTIME_adj;
++		NETSCAPE_X509_new;
++		TS_ACCURACY_free;
++		TS_RESP_get_tst_info;
++		EVP_PKEY_derive_set_peer;
++		PEM_read_bio_Parameters;
++		TS_CONF_set_clock_precision_digits;
++		TS_CONF_set_clk_prec_digits;
++		ESS_ISSUER_SERIAL_dup;
++		TS_ACCURACY_get_micros;
++		ASN1_PCTX_get_str_flags;
++		NAME_CONSTRAINTS_check;
++		ASN1_BIT_STRING_check;
++		X509_check_akid;
++		ENGINE_unregister_pkey_asn1_meths;
++		ENGINE_unreg_pkey_asn1_meths;
++		ASN1_PCTX_free;
++		PEM_write_bio_ASN1_stream;
++		i2d_ASN1_bio_stream;
++		TS_X509_ALGOR_print_bio;
++		EVP_PKEY_meth_set_cleanup;
++		EVP_PKEY_asn1_free;
++		ESS_SIGNING_CERT_free;
++		TS_TST_INFO_set_msg_imprint;
++		GENERAL_NAME_cmp;
++		d2i_ASN1_SET_ANY;
++		ENGINE_set_pkey_meths;
++		i2d_TS_REQ_fp;
++		d2i_ASN1_SEQUENCE_ANY;
++		GENERAL_NAME_get0_otherName;
++		d2i_ESS_CERT_ID;
++		OBJ_find_sigid_algs;
++		EVP_PKEY_meth_set_keygen;
++		PKCS5_PBKDF2_HMAC;
++		EVP_PKEY_paramgen;
++		EVP_PKEY_meth_set_paramgen;
++		BIO_new_PKCS7;
++		EVP_PKEY_verify_recover;
++		TS_ext_print_bio;
++		TS_ASN1_INTEGER_print_bio;
++		check_defer;
++		DSO_pathbyaddr;
++		EVP_PKEY_set_type;
++		TS_ACCURACY_set_micros;
++		TS_REQ_to_TS_VERIFY_CTX;
++		EVP_PKEY_meth_set_copy;
++		ASN1_PCTX_set_cert_flags;
++		TS_TST_INFO_get_ext;
++		EVP_PKEY_asn1_set_ctrl;
++		TS_TST_INFO_get_ext_by_critical;
++		EVP_PKEY_CTX_new_id;
++		TS_REQ_get_ext_by_OBJ;
++		TS_CONF_set_signer_cert;
++		X509_NAME_hash_old;
++		ASN1_TIME_set_string;
++		EVP_MD_flags;
++		TS_RESP_CTX_free;
++		DSAparams_dup;
++		DHparams_dup;
++		OCSP_REQ_CTX_add1_header;
++		OCSP_REQ_CTX_set1_req;
++		X509_STORE_set_verify_cb;
++		X509_STORE_CTX_get0_current_crl;
++		X509_STORE_CTX_get0_parent_ctx;
++		X509_STORE_CTX_get0_current_issuer;
++		X509_STORE_CTX_get0_cur_issuer;
++		X509_issuer_name_hash_old;
++		X509_subject_name_hash_old;
++		EVP_CIPHER_CTX_copy;
++		UI_method_get_prompt_constructor;
++		UI_method_get_prompt_constructr;
++		UI_method_set_prompt_constructor;
++		UI_method_set_prompt_constructr;
++		EVP_read_pw_string_min;
++		CRYPTO_cts128_encrypt;
++		CRYPTO_cts128_decrypt_block;
++		CRYPTO_cfb128_1_encrypt;
++		CRYPTO_cbc128_encrypt;
++		CRYPTO_ctr128_encrypt;
++		CRYPTO_ofb128_encrypt;
++		CRYPTO_cts128_decrypt;
++		CRYPTO_cts128_encrypt_block;
++		CRYPTO_cbc128_decrypt;
++		CRYPTO_cfb128_encrypt;
++		CRYPTO_cfb128_8_encrypt;
++
++	local:
++		*;
++};
++
++
++OPENSSL_1.0.1 {
++	global:
++		SSL_renegotiate_abbreviated;
++		TLSv1_1_method;
++		TLSv1_1_client_method;
++		TLSv1_1_server_method;
++		SSL_CTX_set_srp_client_pwd_callback;
++		SSL_CTX_set_srp_client_pwd_cb;
++		SSL_get_srp_g;
++		SSL_CTX_set_srp_username_callback;
++		SSL_CTX_set_srp_un_cb;
++		SSL_get_srp_userinfo;
++		SSL_set_srp_server_param;
++		SSL_set_srp_server_param_pw;
++		SSL_get_srp_N;
++		SSL_get_srp_username;
++		SSL_CTX_set_srp_password;
++		SSL_CTX_set_srp_strength;
++		SSL_CTX_set_srp_verify_param_callback;
++		SSL_CTX_set_srp_vfy_param_cb;
++		SSL_CTX_set_srp_cb_arg;
++		SSL_CTX_set_srp_username;
++		SSL_CTX_SRP_CTX_init;
++		SSL_SRP_CTX_init;
++		SRP_Calc_A_param;
++		SRP_generate_server_master_secret;
++		SRP_gen_server_master_secret;
++		SSL_CTX_SRP_CTX_free;
++		SRP_generate_client_master_secret;
++		SRP_gen_client_master_secret;
++		SSL_srp_server_param_with_username;
++		SSL_srp_server_param_with_un;
++		SSL_SRP_CTX_free;
++		SSL_set_debug;
++		SSL_SESSION_get0_peer;
++		TLSv1_2_client_method;
++		SSL_SESSION_set1_id_context;
++		TLSv1_2_server_method;
++		SSL_cache_hit;
++		SSL_get0_kssl_ctx;
++		SSL_set0_kssl_ctx;
++		SSL_set_state;
++		SSL_CIPHER_get_id;
++		TLSv1_2_method;
++		kssl_ctx_get0_client_princ;
++		SSL_export_keying_material;
++		SSL_set_tlsext_use_srtp;
++		SSL_CTX_set_next_protos_advertised_cb;
++		SSL_CTX_set_next_protos_adv_cb;
++		SSL_get0_next_proto_negotiated;
++		SSL_get_selected_srtp_profile;
++		SSL_CTX_set_tlsext_use_srtp;
++		SSL_select_next_proto;
++		SSL_get_srtp_profiles;
++		SSL_CTX_set_next_proto_select_cb;
++		SSL_CTX_set_next_proto_sel_cb;
++		SSL_SESSION_get_compress_id;
++
++		SRP_VBASE_get_by_user;
++		SRP_Calc_server_key;
++		SRP_create_verifier;
++		SRP_create_verifier_BN;
++		SRP_Calc_u;
++		SRP_VBASE_free;
++		SRP_Calc_client_key;
++		SRP_get_default_gN;
++		SRP_Calc_x;
++		SRP_Calc_B;
++		SRP_VBASE_new;
++		SRP_check_known_gN_param;
++		SRP_Calc_A;
++		SRP_Verify_A_mod_N;
++		SRP_VBASE_init;
++		SRP_Verify_B_mod_N;
++		EC_KEY_set_public_key_affine_coordinates;
++		EC_KEY_set_pub_key_aff_coords;
++		EVP_aes_192_ctr;
++		EVP_PKEY_meth_get0_info;
++		EVP_PKEY_meth_copy;
++		ERR_add_error_vdata;
++		EVP_aes_128_ctr;
++		EVP_aes_256_ctr;
++		EC_GFp_nistp224_method;
++		EC_KEY_get_flags;
++		RSA_padding_add_PKCS1_PSS_mgf1;
++		EVP_aes_128_xts;
++		EVP_aes_256_xts;
++		EVP_aes_128_gcm;
++		EC_KEY_clear_flags;
++		EC_KEY_set_flags;
++		EVP_aes_256_ccm;
++		RSA_verify_PKCS1_PSS_mgf1;
++		EVP_aes_128_ccm;
++		EVP_aes_192_gcm;
++		X509_ALGOR_set_md;
++		RAND_init_fips;
++		EVP_aes_256_gcm;
++		EVP_aes_192_ccm;
++		CMAC_CTX_copy;
++		CMAC_CTX_free;
++		CMAC_CTX_get0_cipher_ctx;
++		CMAC_CTX_cleanup;
++		CMAC_Init;
++		CMAC_Update;
++		CMAC_resume;
++		CMAC_CTX_new;
++		CMAC_Final;
++		CRYPTO_ctr128_encrypt_ctr32;
++		CRYPTO_gcm128_release;
++		CRYPTO_ccm128_decrypt_ccm64;
++		CRYPTO_ccm128_encrypt;
++		CRYPTO_gcm128_encrypt;
++		CRYPTO_xts128_encrypt;
++		EVP_rc4_hmac_md5;
++		CRYPTO_nistcts128_decrypt_block;
++		CRYPTO_gcm128_setiv;
++		CRYPTO_nistcts128_encrypt;
++		EVP_aes_128_cbc_hmac_sha1;
++		CRYPTO_gcm128_tag;
++		CRYPTO_ccm128_encrypt_ccm64;
++		ENGINE_load_rdrand;
++		CRYPTO_ccm128_setiv;
++		CRYPTO_nistcts128_encrypt_block;
++		CRYPTO_gcm128_aad;
++		CRYPTO_ccm128_init;
++		CRYPTO_nistcts128_decrypt;
++		CRYPTO_gcm128_new;
++		CRYPTO_ccm128_tag;
++		CRYPTO_ccm128_decrypt;
++		CRYPTO_ccm128_aad;
++		CRYPTO_gcm128_init;
++		CRYPTO_gcm128_decrypt;
++		ENGINE_load_rsax;
++		CRYPTO_gcm128_decrypt_ctr32;
++		CRYPTO_gcm128_encrypt_ctr32;
++		CRYPTO_gcm128_finish;
++		EVP_aes_256_cbc_hmac_sha1;
++		PKCS5_pbkdf2_set;
++		CMS_add0_recipient_password;
++		CMS_decrypt_set1_password;
++		CMS_RecipientInfo_set0_password;
++		RAND_set_fips_drbg_type;
++		X509_REQ_sign_ctx;
++		RSA_PSS_PARAMS_new;
++		X509_CRL_sign_ctx;
++		X509_signature_dump;
++		d2i_RSA_PSS_PARAMS;
++		RSA_PSS_PARAMS_it;
++		RSA_PSS_PARAMS_free;
++		X509_sign_ctx;
++		i2d_RSA_PSS_PARAMS;
++		ASN1_item_sign_ctx;
++		EC_GFp_nistp521_method;
++		EC_GFp_nistp256_method;
++		OPENSSL_stderr;
++		OPENSSL_cpuid_setup;
++		OPENSSL_showfatal;
++		BIO_new_dgram_sctp;
++		BIO_dgram_sctp_msg_waiting;
++		BIO_dgram_sctp_wait_for_dry;
++		BIO_s_datagram_sctp;
++		BIO_dgram_is_sctp;
++		BIO_dgram_sctp_notification_cb;
++} OPENSSL_1.0.0;
++
++OPENSSL_1.0.1d {
++	global:
++		CRYPTO_memcmp;
++} OPENSSL_1.0.1;
++
++OPENSSL_1.0.1s {
++	global:
++		SRP_VBASE_get1_by_user;
++		SRP_user_pwd_free;
++} OPENSSL_1.0.1d;
++
++OPENSSL_1.0.2 {
++	global:
++		SSL_CTX_set_alpn_protos;
++		SSL_set_alpn_protos;
++		SSL_CTX_set_alpn_select_cb;
++		SSL_get0_alpn_selected;
++		SSL_CTX_set_custom_cli_ext;
++		SSL_CTX_set_custom_srv_ext;
++		SSL_CTX_set_srv_supp_data;
++		SSL_CTX_set_cli_supp_data;
++		SSL_set_cert_cb;
++		SSL_CTX_use_serverinfo;
++		SSL_CTX_use_serverinfo_file;
++		SSL_CTX_set_cert_cb;
++		SSL_CTX_get0_param;
++		SSL_get0_param;
++		SSL_certs_clear;
++		DTLSv1_2_method;
++		DTLSv1_2_server_method;
++		DTLSv1_2_client_method;
++		DTLS_method;
++		DTLS_server_method;
++		DTLS_client_method;
++		SSL_CTX_get_ssl_method;
++		SSL_CTX_get0_certificate;
++		SSL_CTX_get0_privatekey;
++		SSL_COMP_set0_compression_methods;
++		SSL_COMP_free_compression_methods;
++		SSL_CIPHER_find;
++		SSL_is_server;
++		SSL_CONF_CTX_new;
++		SSL_CONF_CTX_finish;
++		SSL_CONF_CTX_free;
++		SSL_CONF_CTX_set_flags;
++		SSL_CONF_CTX_clear_flags;
++		SSL_CONF_CTX_set1_prefix;
++		SSL_CONF_CTX_set_ssl;
++		SSL_CONF_CTX_set_ssl_ctx;
++		SSL_CONF_cmd;
++		SSL_CONF_cmd_argv;
++		SSL_CONF_cmd_value_type;
++		SSL_trace;
++		SSL_CIPHER_standard_name;
++		SSL_get_tlsa_record_byname;
++		ASN1_TIME_diff;
++		BIO_hex_string;
++		CMS_RecipientInfo_get0_pkey_ctx;
++		CMS_RecipientInfo_encrypt;
++		CMS_SignerInfo_get0_pkey_ctx;
++		CMS_SignerInfo_get0_md_ctx;
++		CMS_SignerInfo_get0_signature;
++		CMS_RecipientInfo_kari_get0_alg;
++		CMS_RecipientInfo_kari_get0_reks;
++		CMS_RecipientInfo_kari_get0_orig_id;
++		CMS_RecipientInfo_kari_orig_id_cmp;
++		CMS_RecipientEncryptedKey_get0_id;
++		CMS_RecipientEncryptedKey_cert_cmp;
++		CMS_RecipientInfo_kari_set0_pkey;
++		CMS_RecipientInfo_kari_get0_ctx;
++		CMS_RecipientInfo_kari_decrypt;
++		CMS_SharedInfo_encode;
++		DH_compute_key_padded;
++		d2i_DHxparams;
++		i2d_DHxparams;
++		DH_get_1024_160;
++		DH_get_2048_224;
++		DH_get_2048_256;
++		DH_KDF_X9_42;
++		ECDH_KDF_X9_62;
++		ECDSA_METHOD_new;
++		ECDSA_METHOD_free;
++		ECDSA_METHOD_set_app_data;
++		ECDSA_METHOD_get_app_data;
++		ECDSA_METHOD_set_sign;
++		ECDSA_METHOD_set_sign_setup;
++		ECDSA_METHOD_set_verify;
++		ECDSA_METHOD_set_flags;
++		ECDSA_METHOD_set_name;
++		EVP_des_ede3_wrap;
++		EVP_aes_128_wrap;
++		EVP_aes_192_wrap;
++		EVP_aes_256_wrap;
++		EVP_aes_128_cbc_hmac_sha256;
++		EVP_aes_256_cbc_hmac_sha256;
++		CRYPTO_128_wrap;
++		CRYPTO_128_unwrap;
++		OCSP_REQ_CTX_nbio;
++		OCSP_REQ_CTX_new;
++		OCSP_set_max_response_length;
++		OCSP_REQ_CTX_i2d;
++		OCSP_REQ_CTX_nbio_d2i;
++		OCSP_REQ_CTX_get0_mem_bio;
++		OCSP_REQ_CTX_http;
++		RSA_padding_add_PKCS1_OAEP_mgf1;
++		RSA_padding_check_PKCS1_OAEP_mgf1;
++		RSA_OAEP_PARAMS_free;
++		RSA_OAEP_PARAMS_it;
++		RSA_OAEP_PARAMS_new;
++		SSL_get_sigalgs;
++		SSL_get_shared_sigalgs;
++		SSL_check_chain;
++		X509_chain_up_ref;
++		X509_http_nbio;
++		X509_CRL_http_nbio;
++		X509_REVOKED_dup;
++		i2d_re_X509_tbs;
++		X509_get0_signature;
++		X509_get_signature_nid;
++		X509_CRL_diff;
++		X509_chain_check_suiteb;
++		X509_CRL_check_suiteb;
++		X509_check_host;
++		X509_check_email;
++		X509_check_ip;
++		X509_check_ip_asc;
++		X509_STORE_set_lookup_crls_cb;
++		X509_STORE_CTX_get0_store;
++		X509_VERIFY_PARAM_set1_host;
++		X509_VERIFY_PARAM_add1_host;
++		X509_VERIFY_PARAM_set_hostflags;
++		X509_VERIFY_PARAM_get0_peername;
++		X509_VERIFY_PARAM_set1_email;
++		X509_VERIFY_PARAM_set1_ip;
++		X509_VERIFY_PARAM_set1_ip_asc;
++		X509_VERIFY_PARAM_get0_name;
++		X509_VERIFY_PARAM_get_count;
++		X509_VERIFY_PARAM_get0;
++		X509V3_EXT_free;
++		EC_GROUP_get_mont_data;
++		EC_curve_nid2nist;
++		EC_curve_nist2nid;
++		PEM_write_bio_DHxparams;
++		PEM_write_DHxparams;
++		SSL_CTX_add_client_custom_ext;
++		SSL_CTX_add_server_custom_ext;
++		SSL_extension_supported;
++		BUF_strnlen;
++		sk_deep_copy;
++		SSL_test_functions;
++} OPENSSL_1.0.1d;
diff --git a/source/n/openssl10/openssl10.SlackBuild b/source/n/openssl10/openssl10.SlackBuild
new file mode 100755
index 000000000..c718ca8c6
--- /dev/null
+++ b/source/n/openssl10/openssl10.SlackBuild
@@ -0,0 +1,285 @@
+#!/bin/bash
+
+# Copyright 2000 BSDi, Inc. Concord, CA, USA
+# Copyright 2001, 2002 Slackware Linux, Inc.  Concord, CA, USA
+# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# Set initial variables:
+cd $(dirname $0) ; CWD=$(pwd)
+TMP=${TMP:-/tmp}
+
+PKGNAM=openssl10
+VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) export ARCH=i586 ;;
+    arm*) export ARCH=arm ;;
+    # Unless $ARCH is already set, use uname -m for all other archs:
+       *) export ARCH=$( uname -m ) ;;
+  esac
+fi
+
+PKG1=$TMP/package-openssl10
+PKG2=$TMP/package-ossllibs10
+NAME1=openssl10-$VERSION-$ARCH-$BUILD
+NAME2=openssl10-solibs-$VERSION-$ARCH-$BUILD
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "${NAME1}.txz"
+  echo "${NAME2}.txz"
+  exit 0
+fi
+
+# Parallel build doesn't link properly.
+#NUMJOBS=${NUMJOBS:--j6}
+
+# So that ls has the right field counts for parsing...
+export LC_ALL=C
+
+cd $TMP
+rm -rf $PKG1 $PKG2 openssl-$VERSION
+
+tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1
+cd openssl-$VERSION
+
+# OpenSSL-1.0.2 wiil require the use of versioned symbols in order to avoid
+# collisions with OpenSSL-1.1.x symbols if something links to both:
+zcat $CWD/openssl-1.0-versioned-symbols.patch.gz | patch -p1 --verbose || exit 1
+
+# Fix pod syntax errors which are fatal wih a newer perl:
+find . -name "*.pod" -exec sed -i "s/^\=item \([0-9]\)\(\ \|$\)/\=item C<\1>/g" {} \;
+
+# Use .so.1, not .so.1.0.0:
+sed -i "s/soname=\$\$SHLIB\$\$SHLIB_SOVER\$\$SHLIB_SUFFIX/soname=\$\$SHLIB.1/g" Makefile.shared
+
+if [ "$ARCH" = "i586" ]; then
+  # Build with -march=i586 -mtune=i686:
+  sed -i "/linux-elf/s/fomit-frame-pointer/fomit-frame-pointer -march=i586 -mtune=i686/g" Configure
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  # Build with -march=i686 -mtune=i686:
+  sed -i "/linux-elf/s/fomit-frame-pointer/fomit-frame-pointer -march=i686 -mtune=i686/g" Configure
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  LIBDIRSUFFIX="64"
+fi
+
+# OpenSSL has a (nasty?) habit of bumping the internal version number with
+# every release.  This wouldn't be so bad, but some applications are so
+# paranoid that they won't run against a different OpenSSL version than
+# what they were compiled against, whether or not the ABI has changed.
+#
+# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.0.2o unless ABI
+# breakage forces it to change.  Yes, we're finally using this old trick.  :)
+#
+# Note: we updated this to 1.0.2o since introducing symbol versioning broke
+# the ABI. Now we'll leave it alone again.
+sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x100020ffL (1.0.2o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x100020ffL/g" crypto/opensslv.h || exit 1
+
+chown -R root:root .
+mkdir -p $PKG1/usr/doc/openssl-$VERSION
+cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
+  LICENSE NEWS README README.ENGINE $PKG1/usr/doc/openssl-$VERSION
+find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
+find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
+
+# If there's a CHANGES file, installing at least part of the recent history
+# is useful, but don't let it get totally out of control:
+if [ -r CHANGES ]; then
+  DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION)
+  cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES
+  touch -r CHANGES $DOCSDIR/CHANGES
+fi
+
+# These are the known patent issues with OpenSSL:
+# name   #         expires
+# MDC-2: 4,908,861  2007-03-13, not included.
+# IDEA:  5,214,703  2010-05-25, not included.
+# RC5:   5,724,428  2015-03-03, not included.
+#
+# Although all of the above are expired, it's still probably
+# not a good idea to include them as there are better
+# algorithms to use.
+
+./config \
+ --prefix=/usr \
+ --openssldir=/etc/ssl \
+ --libdir=lib${LIBDIRSUFFIX}/openssl-1.0 \
+ no-mdc2 \
+ no-idea \
+ no-rc5 \
+ no-sse2 \
+ no-ssl2 \
+ no-weak-ssl-ciphers \
+ shared
+
+make $NUMJOBS depend || make depend || exit 1
+
+make $NUMJOBS || make || exit 1
+
+make install INSTALL_PREFIX=$PKG1 || exit 1
+
+# No thanks on static libraries:
+rm -f $PKG1/usr/lib${LIBDIRSUFFIX}/openssl-1.0/*.a
+
+# Make the .so.? library symlinks:
+( cd $PKG1/usr/lib${LIBDIRSUFFIX}/openssl-1.0 ; ldconfig -l lib*.so.* )
+
+# Move libraries, as they might be needed by programs that bring a network
+# mounted /usr online:
+
+mkdir $PKG1/lib${LIBDIRSUFFIX}
+( cd $PKG1/usr/lib${LIBDIRSUFFIX}/openssl-1.0
+  for file in lib*.so.?.* ; do
+    mv $file ../../../lib${LIBDIRSUFFIX}
+    ln -sf ../../../lib${LIBDIRSUFFIX}/$file .
+  done 
+  cp -a lib*.so.? ../../../lib${LIBDIRSUFFIX}
+)
+
+# Move include files:
+mkdir -p $PKG1/usr/include/openssl-1.0
+mv $PKG1/usr/include/openssl $PKG1/usr/include/openssl-1.0/openssl
+
+# Edit .pc files to correct the includedir:
+sed -e "s|/include$|/include/openssl-1.0|" -i $PKG1/usr/lib${LIBDIRSUFFIX}/openssl-1.0/pkgconfig/*.pc
+
+# Rename openssl binary:
+mv $PKG1/usr/bin/openssl $PKG1/usr/bin/openssl-1.0
+
+# Don't package these things:
+rm -rf $PKG1/etc $PKG1/usr/bin/c_rehash
+
+# Not needed in openssl10 compat package.
+#
+## Add a cron script to warn root if a certificate is going to expire soon:
+#mkdir -p $PKG1/etc/cron.daily
+#zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new
+#chmod 755 $PKG1/etc/cron.daily/certwatch.new
+
+#mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new
+
+( cd $PKG1
+  find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+  find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+)
+
+#mv $PKG1/etc/ssl/man $PKG1/usr
+## Fix manpage name collisions, and relink anything that linked to the old name:
+#( cd $PKG1/usr/man/man1
+#  mv passwd.1 ssl_passwd.1
+#  for file in *.1 ; do
+#    if [ -L $file ]; then
+#      if [ "$(readlink $file)" = "passwd.1" ]; then
+#        rm -f $file
+#        ln -sf ssl_passwd.1 $file
+#      fi
+#    fi
+#  done )
+#( cd $PKG1/usr/man/man3
+#  mv rand.3 ssl_rand.3
+#  for file in *.3 ; do
+#    if [ -L $file ]; then
+#      if [ "$(readlink $file)" = "rand.3" ]; then
+#        rm -f $file
+#        ln -sf ssl_rand.3 $file
+#      fi
+#    fi
+#  done )
+#( cd $PKG1/usr/man/man3
+#  mv err.3 ssl_err.3
+#  for file in *.3 ; do
+#    if [ -L $file ]; then
+#      if [ "$(readlink $file)" = "err.3" ]; then
+#        rm -f $file
+#        ln -sf ssl_err.3 $file
+#      fi
+#    fi
+#  done )
+#
+## Compress and symlink the man pages:
+#if [ -d $PKG1/usr/man ]; then
+#  ( cd $PKG1/usr/man
+#    for manpagedir in $(find . -type d -name "man*") ; do
+#      ( cd $manpagedir
+#        for eachpage in $( find . -type l -maxdepth 1) ; do
+#          ln -s $( readlink $eachpage ).gz $eachpage.gz
+#          rm $eachpage
+#        done
+#        gzip -9 *.?
+#      )
+#    done
+#  )
+#fi
+
+# If there's an openssl0 directory, then build openssl-0 shared libraries for
+# compatibility with programs linked to those:
+if [ -d $CWD/openssl0 ]; then
+  ( cd $CWD/openssl0
+    ./openssl0.build || exit 1
+  ) || exit 1
+  # Don't put these in the openssl package...  openssl-solibs is enough.
+  #mkdir -p $PKG1/lib${LIBDIRSUFFIX}
+  #cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG1/lib${LIBDIRSUFFIX}
+  #( cd $PKG1/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? )
+  mkdir -p $PKG2/lib${LIBDIRSUFFIX}
+  cp -a $TMP/package-openssl0/usr/lib/lib*.so.?.?.? $PKG2/lib${LIBDIRSUFFIX}
+  ( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.?.?.? )
+fi
+
+cd $PKG1
+#chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig
+#sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc
+mkdir -p install
+cat $CWD/slack-desc.openssl10 > install/slack-desc
+/sbin/makepkg -l y -c n $TMP/${NAME1}.txz
+
+# Make runtime package:
+mkdir -p $PKG2/lib${LIBDIRSUFFIX}
+( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} )
+( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * )
+#mkdir -p $PKG2/etc
+#( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . )
+mkdir -p $PKG2/usr/doc/openssl-$VERSION
+( cd $TMP/openssl-$VERSION
+  cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \
+  LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION
+  # If there's a CHANGES file, installing at least part of the recent history
+  # is useful, but don't let it get totally out of control:
+  if [ -r CHANGES ]; then
+    DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION)
+    cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES
+    touch -r CHANGES $DOCSDIR/CHANGES
+  fi
+)
+
+find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \;
+find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \;
+cd $PKG2
+mkdir -p install
+cat $CWD/slack-desc.openssl10-solibs > install/slack-desc
+/sbin/makepkg -l y -c n $TMP/${NAME2}.txz
diff --git a/source/n/openssl10/slack-desc.openssl10 b/source/n/openssl10/slack-desc.openssl10
new file mode 100644
index 000000000..04d96bced
--- /dev/null
+++ b/source/n/openssl10/slack-desc.openssl10
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
+# leave one space after the ':'.
+
+         |-----handy-ruler------------------------------------------------------|
+openssl10: openssl10 (SSL toolkit version 1.0.x)
+openssl10:
+openssl10: The OpenSSL certificate management tool and the shared libraries that
+openssl10: provide various encryption and decryption algorithms and protocols.
+openssl10:
+openssl10: This product includes software developed by the OpenSSL Project for
+openssl10: use in the OpenSSL Toolkit (http://www.openssl102.org). This product
+openssl10: includes cryptographic software written by Eric Young
+openssl10: (eay@cryptsoft.com). This product includes software written by Tim
+openssl10: Hudson (tjh@cryptsoft.com).
+openssl10:
diff --git a/source/n/openssl10/slack-desc.openssl10-solibs b/source/n/openssl10/slack-desc.openssl10-solibs
new file mode 100644
index 000000000..ba89b261e
--- /dev/null
+++ b/source/n/openssl10/slack-desc.openssl10-solibs
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
+# leave one space after the ':'.
+
+                |-----handy-ruler------------------------------------------------------|
+openssl10-solibs: openssl10-solibs (OpenSSL shared libraries v1.0.x)
+openssl10-solibs:
+openssl10-solibs: These shared libraries provide encryption routines required by
+openssl10-solibs: programs such as openssh, bind, sendmail, and many others.
+openssl10-solibs:
+openssl10-solibs: This product includes software developed by the OpenSSL Project for
+openssl10-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product
+openssl10-solibs: includes cryptographic software written by Eric Young
+openssl10-solibs: (eay@cryptsoft.com). This product includes software written by Tim
+openssl10-solibs: Hudson (tjh@cryptsoft.com).
+openssl10-solibs:
diff --git a/source/n/nn/doinst.sh b/source/n/openvpn/doinst.sh
index 80f6fce0d..4b9b133a9 100644
--- a/source/n/nn/doinst.sh
+++ b/source/n/openvpn/doinst.sh
@@ -10,7 +10,16 @@ config() {
   fi
   # Otherwise, we leave the .new copy for the admin to consider...
 }
-config etc/nntpserver.new
-# If you already have a different etc/nntpserver then this one is useless:
-rm -f etc/nntpserver.new
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname ${NEW})/$(basename ${NEW} .new)"
+  if [ -e ${OLD} ]; then
+    cp -a ${OLD} ${NEW}.incoming
+    cat ${NEW} > ${NEW}.incoming
+    mv ${NEW}.incoming ${NEW}
+  fi
+  config ${NEW}
+}
+
+preserve_perms etc/rc.d/rc.openvpn.new
 
diff --git a/source/n/openvpn/openvpn.SlackBuild b/source/n/openvpn/openvpn.SlackBuild
index cb9efc4f0..c8457f9d3 100755
--- a/source/n/openvpn/openvpn.SlackBuild
+++ b/source/n/openvpn/openvpn.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006, Alan Hicks, Lizella, GA
-# Copyright 2008, 2009, 2010, 2011, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,10 +21,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=openvpn
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,6 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -52,7 +61,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -84,9 +92,8 @@ CXXFLAGS="$SLKCFLAGS" \
   --docdir=/usr/doc/openvpn-${VERSION} \
   --enable-lzo \
   --enable-iproute2 \
-  --enable-password-save \
   --disable-plugin-auth-pam \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install-strip DESTDIR=$PKG || exit 1
@@ -97,26 +104,33 @@ mkdir -p $PKG/etc/openvpn/{certs,keys}
 chown root:nobody $PKG/etc/openvpn/{certs,keys}
 chmod 750 $PKG/etc/openvpn/{certs,keys}
 
-# Install a reasonably generic sample config file:
-cp -a $CWD/openvpn.conf.sample $PKG/etc/openvpn/openvpn.conf.sample
-chmod 644 $PKG/etc/openvpn/openvpn.conf.sample
+# Install a startup script:
+mkdir -p $PKG/etc/rc.d
+cp -a $CWD/rc.openvpn $PKG/etc/rc.d/rc.openvpn.new
+chmod 644 $PKG/etc/rc.d/rc.openvpn.new
+chown root:root $PKG/etc/rc.d/rc.openvpn.new
 
 # Let folks know about the other configs, if they haven't found them.
 # They might even find the documentation there useful.  ;-)
 cat << EOF > $PKG/etc/openvpn/README.TXT
-Have a look in /usr/doc/$PKGNAM-$VERSION/sample-config-files
-for some more examples of how to configure OpenVPN.  You'll
-need to add something to your /etc/rc.d/rc.local to start
-OpenVPN, as well as to tell it where to find its config file.
+One or more OpenVPN config files should be installed in this directory
+as files ending in ".conf" (i.e. client.conf, server.conf, etc.).
+
+Have a look in sample-config-files for some more examples of how to
+configure OpenVPN.
+
+To start OpenVPN, use this command as root:
+sh /etc/rc.d/rc.openvpn start
 
+To make OpenVPN start automatically at boot, change the script permissions:
+chmod 755 /etc/rc.d/rc.openvpn
 
 See "man openvpn" and the other docs for more information.
 EOF
 
 # Add a link, too:
-mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files
-( cd $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files
-  ln -sf /etc/openvpn/openvpn.conf.sample .
+( cd $PKG/etc/openvpn
+  ln -sf /usr/doc/$PKGNAM-$VERSION/sample-config-files .
 )
 
 if [ -d $PKG/usr/man ]; then
@@ -127,10 +141,17 @@ if [ -d $PKG/usr/man ]; then
 fi
 
 mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
-cp -a AUTHORS COPYING* COPYRIGHT.GPL INSTALL INSTALL-win32.txt \
-  NEWS PORTS README* sample-config-files sample-keys sample-scripts easy-rsa \
+cp -a AUTHORS COPYING* COPYRIGHT* INSTALL* \
+  NEWS PORTS README* sample/sample-config-files sample/sample-keys sample/sample-scripts \
   $PKG/usr/doc/$PKGNAM-$VERSION
 
+# Install a reasonably generic sample config file:
+# (put this in with the other samples)
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files
+cp -a $CWD/slackware.conf $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files
+chown root:root $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf
+chmod 644 $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf
+
 # If there's a ChangeLog, installing at least part of the recent history
 # is useful, but don't let it get totally out of control:
 if [ -r ChangeLog ]; then
@@ -140,6 +161,7 @@ if [ -r ChangeLog ]; then
 fi
 
 mkdir -p $PKG/install
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
diff --git a/source/n/openvpn/openvpn.url b/source/n/openvpn/openvpn.url
index 0845c4112..4c476d874 100644
--- a/source/n/openvpn/openvpn.url
+++ b/source/n/openvpn/openvpn.url
@@ -1 +1,2 @@
-https://swupdate.openvpn.org/community/releases/
+https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz
+https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz.asc
diff --git a/source/n/openvpn/rc.openvpn b/source/n/openvpn/rc.openvpn
new file mode 100644
index 000000000..86f319225
--- /dev/null
+++ b/source/n/openvpn/rc.openvpn
@@ -0,0 +1,111 @@
+#!/bin/sh 
+# 
+# /etc/rc.d/rc.openvpn 
+# 
+# Start/stop/restart the openvpn daemon. 
+#
+# By default, this script will start/stop/restart a daemon for every *.conf
+# file found in /etc/openvpn.
+#
+# To work with a single connection, add the name of the config file:
+# /etc/rc.d/rc.openvpn start configfile.conf
+#
+# You may also use a config file not found in /etc/openvpn by providing a
+# complete path:
+# /etc/rc.d/rc.openvpn start /path/to/some/other/configfile.conf
+#
+# The name of a config file provided with a complete path should not match
+# the name of any config file present in the /etc/openvpn directory.
+ 
+ovpn_start() { 
+  if [ -x /usr/sbin/openvpn ]; then
+    if [ -z "$1" ]; then # start OpenVPN for all config files:
+      if /bin/ls /etc/openvpn/*.conf 1> /dev/null 2> /dev/null ; then
+        for config in /etc/openvpn/*.conf ; do
+          echo "Starting OpenVPN:  /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config"
+          /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config
+        done
+      else
+        echo "Unable to start OpenVPN - no .conf files found in /etc/openvpn/."
+      fi
+    else # start OpenVPN for one config file:
+      if [ -r "$1" ]; then
+        echo "Starting OpenVPN:  /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1"
+        /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1
+      else # config file is missing:
+        echo "Error starting OpenVPN: config file $1 is missing."
+      fi
+    fi
+  fi
+} 
+
+ovpn_stop() { 
+  # Note: OpenVPN has a bad habit of leaving stale pid files around when exiting.
+  # Maybe it would be better to just use killall unless called for one config?
+  if [ -z "$1" ]; then # stop OpenVPN for all pid files:
+    if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then
+      for pid in /run/openvpn/*.pid ; do
+        echo "Stopping OpenVPN for pid file $pid..."
+        kill $(cat $pid)
+        rm -f $pid
+      done
+    else
+      echo "Warning: no pid files found in /run/openvpn/. Using killall to stop any OpenVPN processes."
+      killall openvpn
+    fi
+  else # stop OpenVPN for one config file:
+    if [ -r /run/openvpn/$(basename ${1}).pid ]; then
+      echo "Stopping OpenVPN for config file ${1}..."
+      kill $(cat /run/openvpn/$(basename ${1}).pid)
+      rm -f /run/openvpn/$(basename ${1}).pid
+    else
+      echo "Error stopping OpenVPN: no such pid file /run/openvpn/$(basename ${1}).pid"
+    fi
+  fi
+}
+
+ovpn_restart() {
+  if [ ! -z "$1" ]; then # restart for all config files:
+    ovpn_stop
+    sleep 2
+    ovpn_start
+  else # restart for one config file only:
+    ovpn_stop $1
+    sleep 2
+    ovpn_start $1
+  fi
+}
+
+ovpn_status() {
+  if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then
+    echo "Currently running OpenVPN processes according to .pid files in /run/openvpn:"
+    for pid in /run/openvpn/*.pid ; do
+      echo "  $(basename $pid) ($(cat $pid))"
+    done
+  else
+    echo "No .pid files found in /run/openvpn." 
+  fi
+}
+
+# Create PID directory if it doesn't exist:
+if [ ! -d /run/openvpn ]; then
+  mkdir -p /run/openvpn
+fi
+
+case "$1" in
+'start')
+  ovpn_start $2
+  ;;
+'stop')
+  ovpn_stop $2
+  ;;
+'restart')
+  ovpn_restart $2
+  ;;
+'status')
+  ovpn_status
+  ;;
+*)
+  echo "Usage: $0 {start|stop|restart}"
+esac
+
diff --git a/source/n/openvpn/slack-desc b/source/n/openvpn/slack-desc
index e73ab2fd2..7ffd6167d 100644
--- a/source/n/openvpn/slack-desc
+++ b/source/n/openvpn/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
@@ -13,7 +13,7 @@ openvpn: of configurations, including remote access, site-to-site VPNs, WiFi
 openvpn: security, and enterprise-scale remote access with load balancing,
 openvpn: failover, and fine-grained access-controls.
 openvpn:
-openvpn: OpenVPN's home on the net is:  http://openvpn.net
+openvpn: OpenVPN's home on the net is: http://openvpn.net
 openvpn:
 openvpn:
 openvpn:
diff --git a/source/n/openvpn/openvpn.conf.sample b/source/n/openvpn/slackware.conf
index 4314b5441..4314b5441 100644
--- a/source/n/openvpn/openvpn.conf.sample
+++ b/source/n/openvpn/slackware.conf
diff --git a/source/n/p11-kit/p11-kit.SlackBuild b/source/n/p11-kit/p11-kit.SlackBuild
index b9a9b21f3..ebfd1a6a4 100755
--- a/source/n/p11-kit/p11-kit.SlackBuild
+++ b/source/n/p11-kit/p11-kit.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for p11-kit
 
@@ -22,8 +22,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=p11-kit
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:--j6}
@@ -36,7 +38,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -58,8 +67,8 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
-cd $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
+cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
  \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -80,6 +89,9 @@ CXXFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 # Create the module dir
 mkdir -p $PKG/etc/pkcs11/modules
 
diff --git a/source/n/p11-kit/p11-kit.url b/source/n/p11-kit/p11-kit.url
new file mode 100644
index 000000000..7d61ad274
--- /dev/null
+++ b/source/n/p11-kit/p11-kit.url
@@ -0,0 +1 @@
+https://github.com/p11-glue/p11-kit/releases
diff --git a/source/n/p11-kit/slack-desc b/source/n/p11-kit/slack-desc
index d5cf1db78..256a2dc8a 100644
--- a/source/n/p11-kit/slack-desc
+++ b/source/n/p11-kit/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
        |-----handy-ruler------------------------------------------------------|
@@ -11,7 +11,7 @@ p11-kit:
 p11-kit: p11-kit provides a way to load and enumerate PKCS#11 modules. 
 p11-kit:
 p11-kit: It provides a standard configuration setup for installing PKCS#11 
-p11-kit: modules in such a way that they're discoverable.  It also solves
+p11-kit: modules in such a way that they're discoverable. It also solves
 p11-kit: problems with coordinating the use of PKCS#11 by different components
 p11-kit: or libraries living in the same process.
 p11-kit:
diff --git a/source/n/php/doinst.sh b/source/n/php/doinst.sh
index a6f584ed3..cd084784e 100644
--- a/source/n/php/doinst.sh
+++ b/source/n/php/doinst.sh
@@ -1,7 +1,5 @@
-if [ ! -r etc/httpd/mod_php.conf ]; then
-  cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf
-elif [ "`cat etc/httpd/mod_php.conf 2> /dev/null`" = "" ]; then
-  cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf
+if [ "`cat etc/httpd/mod_php.conf 2> /dev/null`" = "" ]; then
+  cp -a etc/httpd/mod_php.conf.new etc/httpd/mod_php.conf
 fi
 
 config() {
@@ -28,3 +26,4 @@ cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new
 config etc/php-fpm.conf.new
 cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new
 config etc/php-fpm.conf.new
+config etc/httpd/mod_php.conf.new
diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh
index a44015edf..23c47ac18 100755
--- a/source/n/php/fetch-php.sh
+++ b/source/n/php/fetch-php.sh
@@ -1 +1,2 @@
-lftpget http://us.php.net/distributions/php-5.6.23.tar.xz
+lftpget http://us.php.net/distributions/php-7.2.6.tar.xz.asc
+lftpget http://us.php.net/distributions/php-7.2.6.tar.xz
diff --git a/source/n/php/mod_php.conf.example b/source/n/php/mod_php.conf.example
index 670eb7135..d8f96eb09 100644
--- a/source/n/php/mod_php.conf.example
+++ b/source/n/php/mod_php.conf.example
@@ -3,7 +3,7 @@
 #
 
 # Load the PHP module:
-LoadModule php5_module lib/httpd/modules/libphp5.so
+LoadModule php7_module lib/httpd/modules/libphp7.so
 
 # Tell Apache to feed all *.php files through PHP.  If you'd like to
 # parse PHP embedded in files with different extensions, comment out
diff --git a/source/n/php/php-fpm.conf.diff b/source/n/php/php-fpm.conf.diff
index 38d0f9c6e..03b0f5033 100644
--- a/source/n/php/php-fpm.conf.diff
+++ b/source/n/php/php-fpm.conf.diff
@@ -1,28 +1,19 @@
---- ./sapi/fpm/php-fpm.conf.in.orig	2012-05-20 19:47:53.000000000 +0200
-+++ ./sapi/fpm/php-fpm.conf.in	2012-05-21 09:16:32.646276661 +0200
-@@ -12,7 +12,7 @@
- ; Relative path can also be used. They will be prefixed by:
- ;  - the global prefix if it's been set (-p arguement)
- ;  - @prefix@ otherwise
--;include=etc/fpm.d/*.conf
-+;include=etc/php-fpm.d/*.conf
-
- ;;;;;;;;;;;;;;;;;;
- ; Global Options ;
-@@ -22,14 +22,14 @@
+--- ./sapi/fpm/php-fpm.conf.in.orig	2017-11-21 21:02:19.000000000 -0600
++++ ./sapi/fpm/php-fpm.conf.in	2017-11-27 20:07:58.533458347 -0600
+@@ -14,14 +14,14 @@
  ; Pid file
  ; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@
  ; Default Value: none
 -;pid = run/php-fpm.pid
 +pid = run/php-fpm.pid
-
+ 
  ; Error log file
  ; If it's set to "syslog", log is sent to syslogd instead of being written
- ; in a local file.
+ ; into a local file.
  ; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@
  ; Default Value: log/php-fpm.log
 -;error_log = log/php-fpm.log
 +error_log = log/php-fpm.log
-
+ 
  ; syslog_facility is used to specify what type of program is logging the
  ; message. This lets syslogd specify that messages from different facilities
diff --git a/source/n/php/php.SlackBuild b/source/n/php/php.SlackBuild
index 2e8748ce9..f7d80825e 100755
--- a/source/n/php/php.SlackBuild
+++ b/source/n/php/php.SlackBuild
@@ -1,9 +1,9 @@
-#!/bin/sh
+#!/bin/bash
 
 # Build and package mod_php on Slackware.
 # by:  David Cantrell <david@slackware.com>
 # Modified for PHP 4-5 by volkerdi@slackware.com
-# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015  Patrick Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017  Patrick Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -23,9 +23,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=php
 VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-ALPINE=2.20
+ALPINE=2.21
 BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
@@ -38,9 +40,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-php/
 rm -rf $PKG
@@ -73,7 +82,7 @@ if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then
   ls -l $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a
   sleep 5
 else
-  ( cd $CWD/../alpine ; ./alpine.SlackBuild || exit 1 ) || exit 1
+  ( cd $CWD/../alpine ; VERSION=${ALPINE} ; ./alpine.SlackBuild || exit 1 ) || exit 1
   ( cd $TMP/alpine-${ALPINE}/imap/c-client
     strip -g c-client.a
     mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX}
@@ -95,8 +104,8 @@ fi
 
 cd $TMP
 rm -rf php-$VERSION
-tar xvf $CWD/php-$VERSION.tar.?z* || exit 1
-cd php-$VERSION
+tar xvf $CWD/php-$VERSION.tar.xz || exit 1
+cd php-$VERSION || exit 1
 
 # cleanup:
 find . -name "*.orig" -delete
@@ -136,10 +145,15 @@ zcat $CWD/php-fpm.conf.diff.gz | patch -p1 --verbose || exit 1
 sed -i "s|build$|php/build|" scripts/Makefile.frag
 sed -i "s|build\"$|php/build\"|" scripts/phpize.in
 
+# NOTE: Added -DU_USING_ICU_NAMESPACE=1 to CXXFLAGS, which should be a temporary
+# requirement. See the link below:
+# http://site.icu-project.org/download/61#TOC-Migration-Issues
+
 # Generic "kitchen sink" configure function, with as many things as possible (and
 # maybe then some ;-) compiled as shared extensions:
 EXTENSION_DIR=/usr/lib${LIBDIRSUFFIX}/php/extensions \
 CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS -DU_USING_ICU_NAMESPACE=1" \
 ./configure \
   --prefix=/usr \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
@@ -160,11 +174,11 @@ CFLAGS="$SLKCFLAGS" \
   --enable-tokenizer=shared \
   --with-config-file-scan-dir=/etc/php.d \
   --with-config-file-path=/etc \
-  --enable-mod_charset \
   --with-layout=PHP \
   --disable-sigchild \
   --enable-xml \
   --with-libxml-dir=/usr \
+  --with-xmlrpc=shared \
   --enable-simplexml \
   --enable-xmlreader=shared \
   --enable-dom=shared \
@@ -178,7 +192,6 @@ CFLAGS="$SLKCFLAGS" \
   --enable-calendar=shared \
   --enable-ctype=shared \
   --with-curl=shared \
-  --with-mcrypt=/usr \
   --enable-dba=shared \
   --with-gdbm=/usr \
   --with-db4=/usr \
@@ -187,12 +200,9 @@ CFLAGS="$SLKCFLAGS" \
   --with-gd=shared \
   --with-jpeg-dir=/usr \
   --with-png-dir=/usr \
-  --with-vpx-dir=/usr \
   --with-zlib-dir=/usr \
   --with-xpm-dir=/usr \
   --with-freetype-dir=/usr \
-  --with-t1lib=/usr \
-  --enable-gd-native-ttf \
   --with-gettext=shared,/usr \
   --with-gmp=shared,/usr \
   --with-iconv=shared \
@@ -201,7 +211,7 @@ CFLAGS="$SLKCFLAGS" \
   --with-ldap=shared \
   --enable-mbstring=shared \
   --enable-hash \
-  --with-mysql=shared,mysqlnd \
+  --enable-mysqlnd=shared \
   --with-mysqli=shared,mysqlnd \
   --with-mysql-sock=/var/run/mysql/mysql.sock \
   --with-iodbc=shared,/usr \
@@ -216,7 +226,6 @@ CFLAGS="$SLKCFLAGS" \
   --enable-soap=shared \
   --enable-sockets \
   --with-sqlite3=shared \
-  --with-regex=php \
   --enable-sysvmsg \
   --enable-sysvsem \
   --enable-sysvshm \
@@ -231,7 +240,8 @@ CFLAGS="$SLKCFLAGS" \
   --with-gnu-ld \
   --with-pic \
   --enable-phpdbg \
-  --build=$ARCH-slackware-linux
+  --with-sodium \
+  --build=$ARCH-slackware-linux || exit 1
 
 # I am told this option is worse than nothing.  :-)
 #  --enable-safe-mode
@@ -276,7 +286,7 @@ chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING*
 
 mkdir -p $PKG/etc/httpd
 cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \
-  > $PKG/etc/httpd/mod_php.conf.example
+  > $PKG/etc/httpd/mod_php.conf.new
 chmod 644 $PKG/etc/httpd/*
 chown root:root $PKG/etc/httpd/*
 
diff --git a/source/n/php/php.ini-development.diff b/source/n/php/php.ini-development.diff
index ffa7c0c9d..2e8d6aa58 100644
--- a/source/n/php/php.ini-development.diff
+++ b/source/n/php/php.ini-development.diff
@@ -1,61 +1,62 @@
---- ./php.ini-development.orig	2012-07-18 01:19:16.000000000 -0500
-+++ ./php.ini-development	2012-08-08 20:06:33.512546116 -0500
-@@ -859,6 +859,49 @@
- ; If you only provide the name of the extension, PHP will look for it in its
- ; default extension directory.
- ;
+--- ./php.ini-development.orig	2017-11-28 03:23:05.000000000 -0600
++++ ./php.ini-development	2017-12-01 23:08:13.986123496 -0600
+@@ -875,7 +875,50 @@
+ ; 'extension='php_<ext>.dll') is supported for legacy reasons and may be
+ ; deprecated in a future PHP major version. So, when it is possible, please
+ ; move to the new ('extension=<ext>) syntax.
 +
 +; These are the extensions that are available for use on this PHP build.
 +; If you do NOT need any of these extensions, you should comment them out.
 +; That will probably increase both your security and performance.
+ ;
++extension=bcmath
++extension=bz2
++extension=calendar
++extension=ctype
++extension=curl
++extension=dba
++extension=dom
++extension=enchant
++extension=exif
++extension=ftp
++extension=gd
++extension=gettext
++extension=gmp
++extension=iconv
++extension=intl
++extension=ldap
++extension=mbstring
++extension=mysqlnd
++extension=mysqli
++extension=odbc
++extension=openssl
++zend_extension=opcache
++extension=pdo
++extension=pdo_mysql
++extension=pdo_sqlite
++extension=pdo_odbc
++extension=pspell
++extension=shmop
++extension=snmp
++extension=soap
++extension=sqlite3
++extension=tokenizer
++extension=wddx
++extension=xmlreader
++extension=xmlrpc
++extension=xsl
++extension=zip
++extension=zlib
 +
-+extension=bcmath.so
-+extension=bz2.so
-+extension=calendar.so
-+extension=ctype.so
-+extension=curl.so
-+extension=dba.so
-+extension=dom.so
-+extension=enchant.so
-+extension=exif.so
-+extension=ftp.so
-+extension=gd.so
-+extension=gettext.so
-+extension=gmp.so
-+extension=iconv.so
-+extension=intl.so
-+extension=ldap.so
-+extension=mbstring.so
-+extension=mysql.so
-+extension=mysqli.so
-+extension=odbc.so
-+extension=openssl.so
-+zend_extension=opcache.so
-+extension=pdo.so
-+extension=pdo_mysql.so
-+extension=pdo_sqlite.so
-+extension=pdo_odbc.so
-+extension=pspell.so
-+extension=shmop.so
-+extension=snmp.so
-+extension=soap.so
-+extension=sqlite3.so
-+extension=tokenizer.so
-+extension=wddx.so
-+extension=xmlreader.so
-+extension=xsl.so
-+extension=zip.so
-+extension=zlib.so
-+
- ; Windows Extensions
- ; Note that ODBC support is built in, so no dll is needed for it.
- ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5)
-@@ -1391,7 +1431,7 @@
+ ; Notes for Windows environments :
+ ;
+ ; - ODBC support is built in, so no dll is needed for it.
+@@ -1341,7 +1384,7 @@
  ; where MODE is the octal representation of the mode. Note that this
  ; does not overwrite the process's umask.
  ; http://php.net/session.save-path
 -;session.save_path = "/tmp"
 +session.save_path = "/var/lib/php"
  
- ; Whether to use cookies.
- ; http://php.net/session.use-cookies
+ ; Whether to use strict session mode.
+ ; Strict session mode does not accept uninitialized session ID and regenerate
diff --git a/source/n/php/slack-desc b/source/n/php/slack-desc
index fe14da6d6..15d109aaf 100644
--- a/source/n/php/slack-desc
+++ b/source/n/php/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
 php: php (HTML-embedded scripting language)
 php:
-php: PHP is an HTML-embedded scripting language.  It shares syntax
-php: characteristics with C, Java, and Perl.  The primary objective behind
+php: PHP is an HTML-embedded scripting language. It shares syntax
+php: characteristics with C, Java, and Perl. The primary objective behind
 php: this language is to make a fast and easy-to-use scripting language
 php: for dynamic web sites.
 php:
diff --git a/source/n/pidentd/pidentd.SlackBuild b/source/n/pidentd/pidentd.SlackBuild
index 2dbd49f47..841d497d6 100755
--- a/source/n/pidentd/pidentd.SlackBuild
+++ b/source/n/pidentd/pidentd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,22 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=pidentd
 VERSION=3.0.19
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-pidentd
 
@@ -53,7 +63,8 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
-zcat $CWD/pidentd.conf.diff.gz | patch -p1 --backup --verbose || exit
+zcat $CWD/pidentd.conf.diff.gz | patch -p1 --backup --verbose || exit 1
+zcat $CWD/pidentd.openssl-1.1.diff.gz | patch -p1 --backup --verbose || exit 1
 
 CFLAGS=-O2 \
 ./configure \
diff --git a/source/n/pidentd/pidentd.openssl-1.1.diff b/source/n/pidentd/pidentd.openssl-1.1.diff
new file mode 100644
index 000000000..72682b4cc
--- /dev/null
+++ b/source/n/pidentd/pidentd.openssl-1.1.diff
@@ -0,0 +1,114 @@
+--- ./src/pdes.c.orig	2000-05-21 14:07:05.000000000 -0500
++++ ./src/pdes.c	2018-05-07 17:03:36.483003872 -0500
+@@ -46,7 +46,7 @@
+ 
+ 
+ 
+-static des_key_schedule sched;
++static DES_key_schedule sched;
+ 
+ 
+ 
+@@ -55,7 +55,7 @@
+ {
+     char keybuf[1024+1];
+     int fd, res;
+-    des_cblock key_bin;
++    DES_cblock key_bin;
+ 
+ 
+     if (keyfile == NULL)
+@@ -100,8 +100,8 @@
+     }
+ 
+     keybuf[sizeof(keybuf)-1] = '\0';
+-    des_string_to_key(keybuf, &key_bin);
+-    des_set_key(&key_bin, sched);
++    DES_string_to_key(keybuf, &key_bin);
++    DES_set_key(&key_bin, &sched);
+ 
+     return 0;
+ }
+@@ -136,20 +136,20 @@
+     for (i = 1; i < 6; i++)
+ 	r.longs[0] ^= r.longs[i];
+ 
+-    des_ecb_encrypt((des_cblock *)&(r.longs[0]), (des_cblock *)&(r.longs[0]),
+-		    sched, DES_ENCRYPT);
++    DES_ecb_encrypt((DES_cblock *)&(r.longs[0]), (DES_cblock *)&(r.longs[0]),
++                   &sched, DES_ENCRYPT);
+     
+     r.longs[2] ^= r.longs[0];
+     r.longs[3] ^= r.longs[1];
+     
+-    des_ecb_encrypt((des_cblock *)&(r.longs[2]), (des_cblock *)&(r.longs[2]),
+-		    sched, DES_ENCRYPT);
++    DES_ecb_encrypt((DES_cblock *)&(r.longs[2]), (DES_cblock *)&(r.longs[0]),
++                   &sched, DES_ENCRYPT);
+     
+     r.longs[4] ^= r.longs[2];
+     r.longs[5] ^= r.longs[3];
+     
+-    des_ecb_encrypt((des_cblock *)&(r.longs[4]), (des_cblock *)&(r.longs[4]),
+-		    sched, DES_ENCRYPT);
++    DES_ecb_encrypt((DES_cblock *)&(r.longs[4]), (DES_cblock *)&(r.longs[0]),
++                   &sched, DES_ENCRYPT);
+ 
+     for (i = 0, j = 0; i < 24; i+=3, j+=4)
+     {
+--- ./src/idecrypt.c.orig	2001-04-23 15:40:15.000000000 -0500
++++ ./src/idecrypt.c	2018-05-07 17:04:20.897003874 -0500
+@@ -100,8 +100,8 @@
+     char buf1[32], buf2[32];
+     struct sockaddr_gen ip_local, ip_remote;
+     int keyfile_fd;
+-    des_cblock key_bin;
+-    des_key_schedule sched;
++    DES_cblock key_bin;
++    DES_key_schedule sched;
+     static char readable[256];
+     
+ 
+@@ -118,9 +118,8 @@
+     while (read(keyfile_fd, keybuf, sizeof(keybuf)-1) == sizeof(keybuf)-1)
+     {
+ 	keybuf[sizeof(keybuf)-1] = '\0';
+-	des_string_to_key(keybuf, &key_bin);
+-	des_set_key(&key_bin, sched);
+-	
++        DES_string_to_key(keybuf, &key_bin);
++        DES_set_key(&key_bin, &sched);
+ 	
+ 	for (i = 0, j = 0; i < 24; i += 3, j += 4)
+ 	{
+@@ -129,21 +128,21 @@
+ 	    r.chars[i+2] = (to_bin[packet[j+2]] << 6) + (to_bin[packet[j+3]]);
+ 	}
+     
+-	des_ecb_encrypt((des_cblock *)&(r.longs[4]),
+-			(des_cblock *)&(r.longs[4]),
+-			sched, DES_DECRYPT);
++            DES_ecb_encrypt((DES_cblock *)&(r.longs[i+2]),
++                            (DES_cblock *)&(r.longs[i+2]),
++                            &sched, DES_DECRYPT);
+ 	r.longs[4] ^= r.longs[2];
+ 	r.longs[5] ^= r.longs[3];
+ 	
+-	des_ecb_encrypt((des_cblock *)&(r.longs[2]),
+-			(des_cblock *)&(r.longs[2]),
+-			sched, DES_DECRYPT);
++        DES_ecb_encrypt((DES_cblock *)&(r.longs[0]),
++                        (DES_cblock *)&(r.longs[0]),
++                        &sched, DES_DECRYPT);
+ 	
+ 	r.longs[2] ^= r.longs[0];
+ 	r.longs[3] ^= r.longs[1]; 
+-	des_ecb_encrypt((des_cblock *)&(r.longs[0]),
+-			(des_cblock *)&(r.longs[0]),
+-			sched, DES_DECRYPT);
++        DES_ecb_encrypt((DES_cblock *)&(r.longs[0]),
++                        (DES_cblock *)&(r.longs[0]),
++                        &sched, DES_DECRYPT);
+ 
+ 	for (i = 1; i < 6; i++)
+ 	{
diff --git a/source/n/pidentd/slack-desc b/source/n/pidentd/slack-desc
index 3229f5e88..96c596e6b 100644
--- a/source/n/pidentd/slack-desc
+++ b/source/n/pidentd/slack-desc
@@ -1,18 +1,18 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 pidentd: pidentd (TCP/IP IDENT protocol server)
 pidentd:
 pidentd: The identd daemon implements the IDENT protocol as specified in
-pidentd: RFC1413.  When your machine connects to a remote system, the remote
+pidentd: RFC1413. When your machine connects to a remote system, the remote
 pidentd: machine may connect to your identd daemon to find out either the
 pidentd: user name or other information about the process that initiated
-pidentd: the connection.  Some remote machines may choose not to allow your
+pidentd: the connection. Some remote machines may choose not to allow your
 pidentd: connections if you do not provide access to an identd daemon.
 pidentd:
 pidentd: The pidentd daemon was written by Peter Eriksson.
diff --git a/source/n/pinentry/pinentry.SlackBuild b/source/n/pinentry/pinentry.SlackBuild
index 3329405b2..2e55bb7fa 100755
--- a/source/n/pinentry/pinentry.SlackBuild
+++ b/source/n/pinentry/pinentry.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2006, 2014  Robby Workman, Tuscaloosa, AL, USA
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007, 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,10 +21,11 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=pinentry
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,6 +37,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -60,7 +69,6 @@ else
   ARCHQUADLET=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -69,7 +77,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 find . \
diff --git a/source/n/pinentry/slack-desc b/source/n/pinentry/slack-desc
index 71c5e44e3..53d525c77 100644
--- a/source/n/pinentry/slack-desc
+++ b/source/n/pinentry/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/popa3d/popa3d.SlackBuild b/source/n/popa3d/popa3d.SlackBuild
index 78932c70e..8d7a7c31d 100755
--- a/source/n/popa3d/popa3d.SlackBuild
+++ b/source/n/popa3d/popa3d.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,22 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=popa3d
 VERSION=1.0.3
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-popa3d
 rm -rf $PKG
diff --git a/source/n/popa3d/slack-desc b/source/n/popa3d/slack-desc
index 6a0679164..28397ccbc 100644
--- a/source/n/popa3d/slack-desc
+++ b/source/n/popa3d/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
 popa3d: popa3d (a POP3 daemon)
 popa3d:
-popa3d: popa3d is a Post Office Protocol version 3 (POP3) server.  A POP3
+popa3d: popa3d is a Post Office Protocol version 3 (POP3) server. A POP3
 popa3d: server operates on local mailboxes on behalf of its remote users.
 popa3d: Users can connect at any time to check their mailbox and fetch the
-popa3d: mail that has accumulated.  The design goals of this POP3 server are
+popa3d: mail that has accumulated. The design goals of this POP3 server are
 popa3d: security, reliability, RFC compliance (slightly relaxed to work with
 popa3d: real-world POP3 clients), and high performance.
 popa3d:
diff --git a/source/n/postfix/README b/source/n/postfix/README
new file mode 100644
index 000000000..bfb212dd0
--- /dev/null
+++ b/source/n/postfix/README
@@ -0,0 +1,25 @@
+Postfix is Wietse Venema's mailer that started life as an alternative to the
+widely-used Sendmail program. It attempts to be fast, easy to administer, and
+secure, while at the same time, being sendmail compatible enough to not upset
+existing users. Thus, the outside has a sendmail-ish flavor, but the inside is
+completely different.
+
+This script builds postfix with support for Dovecot SASL, Cyrus SASL, and
+TLS (using OpenSSL.)  Support for Berkeley DB hash and btree maps, being a
+Postfix requirement, is also detected and built.
+
+In addition database plugins are built for LDAP, MySQL, PCRE and sqlite3.  To
+add support for additional database plugins which are not provided in
+Slackware, such as CDB or PostgreSQL, it is necessary to recompile this
+package.  See the comments in the SlackBuild script to get started.
+
+Postfix manual sections follow the BSD standard, where section 8 is only for
+daemons, and all user commands, even root-user-only administrative commands
+such as postfix(1), are in section 1.
+
+Postfix is exceptionally well documented.  If you put a link to your
+html_directory (/usr/doc/postfix/html) somewhere you can find it in your
+favorite browser, all of this will be readily available to you.  The place
+to start is not with man pages, but with the various READMEs, all HTMLified
+and with convenient hyperlinks to the relevant anchors in the HTML versions
+of the manuals.
diff --git a/source/n/postfix/doinst.sh b/source/n/postfix/doinst.sh
new file mode 100644
index 000000000..e67f7ea15
--- /dev/null
+++ b/source/n/postfix/doinst.sh
@@ -0,0 +1,76 @@
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  if [ -e $OLD ]; then
+    cp -a $OLD ${NEW}.incoming
+    cat $NEW > ${NEW}.incoming
+    mv ${NEW}.incoming $NEW
+  fi
+  config $NEW
+}
+
+# Make sure that the postfix user (UID 91, GID 91), and the
+# postdrop group (GID 92) exist on this system:
+if ! grep -q "^postfix:" etc/passwd ; then
+  echo "postfix:x:91:91:User for Postfix MTA:/dev/null:/bin/false" >> etc/passwd
+fi
+if ! grep -q "^postfix:" etc/group ; then
+  echo "postfix:x:91:" >> etc/group
+fi
+if ! grep -q "^postdrop:" etc/group ; then
+  echo "postdrop:x:92:" >> etc/group
+fi
+
+find etc/postfix -type f -name '*.new' | while read new ; do
+  config $new
+done
+preserve_perms etc/rc.d/rc.postfix.new
+config etc/aliases.new
+
+# Don't keep aliases.new. If it exists, the user already defined aliases.
+rm -f etc/aliases.new
+
+# No reason to keep these: upgrade-configuration will take care of merging
+# changes needed to the existing files
+rm -f etc/postfix/main.cf.new etc/postfix/master.cf.new
+
+# This is for backward compatibility with the old Sendmail package; some
+# software might still expect to find the /usr/lib/sendmail link.
+if [ ! -d usr/lib ]; then
+mkdir -p usr/lib
+( cd usr/lib ; rm -f sendmail )
+( cd usr/lib ; ln -s /usr/sbin/sendmail sendmail)
+fi
+
+## COMMENTED OUT
+## (The Slackware package should ship with correct permissions)
+##
+## This will set the permissions on all postfix files correctly
+#if [ -x usr/sbin/postfix ]; then
+#  chroot . /usr/sbin/postfix set-permissions
+#fi
+
+# The upgrade-configuration command will add any necessary new settings to
+# existing config files (/etc/postfix/{main,master}.cf).  It won't hurt
+# anything on a new install.
+if [ -x usr/sbin/postfix ]; then
+  chroot . /usr/sbin/postfix upgrade-configuration
+fi
+
+# Process /etc/aliases into a database:
+if [ -x usr/bin/newaliases ]; then
+  chroot . /usr/bin/newaliases
+fi
diff --git a/source/n/postfix/postfix.SlackBuild b/source/n/postfix/postfix.SlackBuild
new file mode 100755
index 000000000..54304571e
--- /dev/null
+++ b/source/n/postfix/postfix.SlackBuild
@@ -0,0 +1,230 @@
+#!/bin/bash
+#
+# Copyright 2006, 2011  Alan Hicks, Lizella, GA
+# Copyright 2010, 2011, 2013, 2014, 2015, 2016, 2017  Mario Preksavec, Zagreb, Croatia
+# Copyright 2017, 2018  Patrick J. Volkerding, Sebeka, MN USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# (Thanks also to /dev/rob0 somewhere on the Internet)
+
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=postfix
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
+
+if [ -z "$ARCH" ]; then
+  case "$( uname -m )" in
+    i?86) ARCH=i586 ;;
+    arm*) ARCH=arm ;;
+       *) ARCH=$( uname -m ) ;;
+  esac
+fi
+
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+  LIBDIRSUFFIX="64"
+else
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
+fi
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+if [ "$(grep "^postfix:x:91:91" /etc/passwd)" = "" -o \
+     "$(grep "^postfix:x:91:" /etc/group)" = "" -o \
+     "$(grep "^postdrop:x:92:" /etc/group)" = "" ]; then
+cat << EOF
+The postfix user/group and/or the postdrop group do not exist on this system.
+Before running this script, please add them with the following commands:
+
+groupadd -g 91 postfix
+useradd -u 91 -d /dev/null -s /bin/false -g postfix postfix
+groupadd -g 92 postdrop
+
+EOF
+exit 1
+fi
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PKGNAM-$VERSION
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
+cd $PKGNAM-$VERSION || exit 1
+
+chown -R root:root .
+find -L . \
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+  -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+  -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+# Fix postfix-script so that it won't think a symlink in /etc/postfix is
+# group writable. Only warn about regular files there.
+zcat $CWD/postfix.only.warn.regular.files.diff.gz | patch -p1 --verbose || exit 1
+
+# Make the postfix startup message look more like the other boot notices:
+zcat $CWD/postfix.script.starting.message.diff.gz | patch -p1 --verbose || exit 1
+
+# Postfix does not use a ./configure script (no GNU autoconf)
+#
+# The AUXLIBS variable is for dynamic library linking, which as of this
+# writing is the only means of adding SASL and TLS support.  But most map
+# types now can be loaded as plugins at runtime.  We build our Postfix
+# package with LDAP, MySQL, PCRE and sqlite3 plugins.  In addition,
+# Berkeley DB support (required) is automatically detected and built.
+
+# Build with SASL support
+SASLARGS="-DUSE_SASL_AUTH -I/usr/include/sasl -DUSE_CYRUS_SASL"
+SASLLIBS="-L/usr/lib${LIBDIRSUFFIX}/sasl2 -lsasl2"
+# Note: this enables both server SASL types (Cyrus and Dovecot) as well as
+# client SASL with Cyrus.  See SASL_README if you wish to customize this.
+# For example, you might not wish to link against Cyrus SASL if not using
+# client SASL.  For Dovecot (server) SASL only, comment SASLLIBS, and set:
+# SASLARGS="-DUSE_SASL_AUTH"
+
+# Build with TLS support, see TLS_README
+TLSARGS="-DUSE_TLS"
+TLSLIBS="-lssl -lcrypto"
+
+# Build with LDAP client support, see LDAP_README
+LDAPARGS="-DHAS_LDAP"
+# MySQL database support, see MYSQL_README
+MYSQLARGS="-I/usr/include/mysql -DHAS_MYSQL"
+# PCRE (perl-compatible regular expressions) support, see PCRE_README
+PCREARGS="-DHAS_PCRE $( pcre-config --cflags )"
+# SQLite3 database support, see SQLITE_README
+SQLITEARGS="-DHAS_SQLITE"
+# Finally, DBARGS lumps it all together:
+DBARGS="$LDAPARGS $MYSQLARGS $PCREARGS $SQLITEARGS"
+
+### ADDITIONAL MAP TYPE PLUGINS
+#
+# Those who have installed other map types not included in Slackware could
+# add support as follows:
+#
+#  * AUXLIBS_CDB for CDB support, see /usr/doc/postfix/readme/CDB_README
+#  * AUXLIBS_LMDB for LMDB support, see /usr/doc/postfix/readme/LMDB_README
+#  * AUXLIBS_PGSQL for PostgreSQL support, see /usr/doc/postfix/readme/PGSQL_README
+#  * AUXLIBS_SDBM for SDBM support, see /usr/doc/postfix/readme/SDBM_README
+#
+# Note that each of these additional map types will require additions to
+# the CCARGS variable.  Typically this would be done by adding what is
+# needed to $DBARGS.
+
+### CHANGING BUILT-IN DOCUMENTATION PATH SETTINGS
+#
+# If we try to use postfix-$VERSION in any of these paths, we'll get a compile
+# failure: "error: too many decimal points in number"
+# So we're pretty much forced to leave things as postfix expects them.
+PATHARGS="'-DDEF_HTML_DIR=\"/usr/doc/postfix/html\"' \
+  '-DDEF_MANPAGE_DIR=\"/usr/man\"' \
+  '-DDEF_README_DIR=\"/usr/doc/postfix/readme\"'"
+
+make $NUMJOBS makefiles dynamicmaps=yes pie=yes shared=yes \
+  shlib_directory=/usr/lib${LIBDIRSUFFIX}/postfix/MAIL_VERSION \
+  CCARGS="$TLSARGS $SASLARGS $DBARGS $PATHARGS" \
+  AUXLIBS="$TLSLIBS $SASLLIBS" \
+  AUXLIBS_LDAP="-lldap -llber" \
+  AUXLIBS_MYSQL="-L/usr/lib${LIBDIRSUFFIX}/mysql -lmysqlclient -lz -lm" \
+  AUXLIBS_PCRE="$( pcre-config --libs )" \
+  AUXLIBS_SQLITE="-lsqlite3 -lpthread" \
+  OPT="$SLKCFLAGS" DEBUG="" || exit 1
+
+# We put our documentation files in version-specific directories, but we'll
+# use a symlink to provide the compiled-in path in /usr/doc/postfix/.
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
+ln -s $PKGNAM-$VERSION $PKG/usr/doc/$PKGNAM
+
+make non-interactive-package \
+  install_root=$PKG \
+  tempdir=$TMP/$PKGNAM-temp \
+  sample_directory=no || exit 1
+
+rm -f $PKG/etc/postfix/{TLS_,}LICENSE
+
+install -D -m 0644 -oroot -groot $CWD/rc.postfix $PKG/etc/rc.d/rc.postfix.new
+
+# Add greylist.pl per postfix documentation:
+cp -a examples/smtpd-policy/greylist.pl $PKG/usr/libexec/postfix
+chown root:root $PKG/usr/libexec/postfix/greylist.pl
+chmod 755 $PKG/usr/libexec/postfix/greylist.pl
+
+# Move configuration files to filename.new:
+find $PKG/etc/postfix -type f ! -name "*.default" ! -name "*.proto" ! -name "*.out" \
+  ! -name "postfix-files" -exec mv {} {}.new \;
+
+# The aliases file is expected to be in /etc, so let's put it there:
+mv $PKG/etc/postfix/aliases.new $PKG/etc/aliases.new
+# Leave a symlink in /etc/postfix to point out this location:
+( cd $PKG/etc/postfix ; ln -sf ../aliases . )
+
+# Strip binaries:
+find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
+  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
+
+# Set proper permissions:
+chown root:postdrop $PKG/usr/sbin/{postdrop,postqueue}
+chmod 2755 $PKG/usr/sbin/{postdrop,postqueue}
+chown postfix:root $PKG/var/lib/postfix
+chown -R postfix:root $PKG/var/spool/postfix/*
+chown root:root $PKG/var/spool/postfix/pid
+chown postfix:postdrop $PKG/var/spool/postfix/{maildrop,public}
+
+# Compress man pages:
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+
+sed -i $PKG/etc/postfix/postfix-files \
+  -e 's#\($manpage_directory/man[158]/.\+\.[158]\)\(:.*\)#\1.gz\2#' \
+  -e '/$config_directory\/LICENSE:f:root:-:644:1/ d' \
+  -e '/$config_directory\/TLS_LICENSE:f:root:-:644:1/ d'
+
+# Add documentation files:
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
+cp -a AAAREADME COMPATIBILITY COPYRIGHT HISTORY IPv6-ChangeLog LICENSE PORTING \
+  RELEASE_NOTES* TLS_* US_PATENT_* examples implementation-notes \
+  $PKG/usr/doc/$PKGNAM-$VERSION
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n --prepend $OUTPUT/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
diff --git a/source/n/postfix/postfix.only.warn.regular.files.diff b/source/n/postfix/postfix.only.warn.regular.files.diff
new file mode 100644
index 000000000..2b6b788c9
--- /dev/null
+++ b/source/n/postfix/postfix.only.warn.regular.files.diff
@@ -0,0 +1,11 @@
+--- ./conf/postfix-script.orig	2016-01-31 15:05:46.000000000 -0600
++++ ./conf/postfix-script	2017-11-05 15:09:40.838097647 -0600
+@@ -275,7 +275,7 @@
+ 	find $todo ! -user root \
+ 	    -exec $WARN not owned by root: {} \;
+ 
+-	find $todo \( -perm -020 -o -perm -002 \) \
++	find $todo -type f \( -perm -020 -o -perm -002 \) \
+ 	    -exec $WARN group or other writable: {} \;
+ 
+ 	# Check Postfix mail_owner-owned directory tree owner/permissions.
diff --git a/source/n/postfix/postfix.script.starting.message.diff b/source/n/postfix/postfix.script.starting.message.diff
new file mode 100644
index 000000000..8bea3461f
--- /dev/null
+++ b/source/n/postfix/postfix.script.starting.message.diff
@@ -0,0 +1,14 @@
+--- ./conf/postfix-script.orig	2018-02-22 13:13:32.023937591 -0600
++++ ./conf/postfix-script	2018-02-22 13:15:44.936950017 -0600
+@@ -139,7 +139,10 @@
+ 		# Foreground this so it can be stopped. All inodes are cached.
+ 		$daemon_directory/postfix-script check-warn
+ 	fi
+-	$INFO starting the Postfix mail system
++	$INFO starting the Postfix mail system > /dev/null 2> /dev/null
++	# Because this is called during Slackware init, let's make it look
++	# similar to everything else printed on the screen:
++	echo "Starting the Postfix mail system:  $command_directory/postfix start"
+ 	case $1 in
+ 	start)
+ 	    # NOTE: wait in foreground process to get the initialization status.
diff --git a/source/n/postfix/postfix.url b/source/n/postfix/postfix.url
new file mode 100644
index 000000000..d0d454bbe
--- /dev/null
+++ b/source/n/postfix/postfix.url
@@ -0,0 +1 @@
+ftp://ftp.porcupine.org/mirrors/postfix-release/official/
diff --git a/source/n/sendmail/Build b/source/n/postfix/rc.postfix
index 21950d496..6f583f212 100644
--- a/source/n/sendmail/Build
+++ b/source/n/postfix/rc.postfix
@@ -1,6 +1,6 @@
-#!/bin/sh
-# Copyright 2004 Slackware Linux, Inc.  Concord, CA 94520
-# Copyright 2007, 2008  Patrick J. Volkerding, Sebeka, MN, USA
+#!/bin/bash
+# Copyright 2006, Alan Hicks, Lizella, GA
+# Copyright 2017, Patrick J. Volkerding, Sebeka, MN USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -21,9 +21,48 @@
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 #
 
-# A script to build .cf files from .mc files:
+postfix_start()
+{
+  /usr/sbin/postfix start
+}
 
-for mcfile in $* ; do
-  /usr/bin/m4 /usr/share/sendmail/cf/m4/cf.m4 $mcfile > $(basename $mcfile .mc).cf
-done
+postfix_stop()
+{
+  /usr/sbin/postfix stop
+}
 
+postfix_restart()
+{
+  postfix_stop
+  postfix_start
+}
+
+postfix_reload()
+{
+  /usr/sbin/postfix reload
+}
+
+postfix_status()
+{
+  /usr/sbin/postfix status
+}
+
+case $1 in
+'start')
+  postfix_start
+  ;;
+'stop')
+  postfix_stop
+  ;;
+'restart')
+  postfix_restart
+  ;;
+'reload')
+  postfix_reload
+  ;;
+'status')
+  postfix_status
+  ;;
+*)
+  echo "usage $0 start|stop|restart|reload|status"
+esac
diff --git a/source/n/postfix/slack-desc b/source/n/postfix/slack-desc
new file mode 100644
index 000000000..0c3964041
--- /dev/null
+++ b/source/n/postfix/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.
+# Line up the first '|' above the ':' following the base package name, and
+# the '|' on the right side marks the last column you can put a character in.
+# You must make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':' except on otherwise blank lines.
+
+       |-----handy-ruler------------------------------------------------------|
+postfix: postfix (mail transport and submission agent)
+postfix:
+postfix: Postfix attempts to be fast, easy to administer, and secure, while at
+postfix: the same time being sendmail compatible enough to not upset existing
+postfix: users. Thus, the outside has a sendmail-ish flavor, but the inside is
+postfix: completely different.
+postfix:
+postfix: Homepage: http://www.postfix.org
+postfix:
+postfix:
+postfix:
diff --git a/source/n/ppp/0028-pppoe-include-netinet-in.h-before-linux-in.h.patch b/source/n/ppp/0028-pppoe-include-netinet-in.h-before-linux-in.h.patch
new file mode 100644
index 000000000..9b0920d3b
--- /dev/null
+++ b/source/n/ppp/0028-pppoe-include-netinet-in.h-before-linux-in.h.patch
@@ -0,0 +1,35 @@
+From 33797aa193a2751da26f9af120e39c110defe4d1 Mon Sep 17 00:00:00 2001
+From: Lubomir Rintel <lkundrak@v3.sk>
+Date: Sat, 10 Dec 2016 19:53:56 +0100
+Subject: [PATCH] pppoe: include netinet/in.h before linux/in.h
+
+To fix build breakage.
+---
+ pppd/plugins/rp-pppoe/pppoe.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h
+index 9ab2eee..f77f5b7 100644
+--- a/pppd/plugins/rp-pppoe/pppoe.h
++++ b/pppd/plugins/rp-pppoe/pppoe.h
+@@ -15,6 +15,8 @@
+ 
+ #include "config.h"
+ 
++#include <netinet/in.h>
++
+ #if defined(HAVE_NETPACKET_PACKET_H) || defined(HAVE_LINUX_IF_PACKET_H)
+ #define _POSIX_SOURCE 1 /* For sigaction defines */
+ #endif
+@@ -84,8 +86,6 @@ typedef unsigned long UINT32_t;
+ #include <linux/if_ether.h>
+ #endif
+ 
+-#include <netinet/in.h>
+-
+ #ifdef HAVE_NETINET_IF_ETHER_H
+ #include <sys/types.h>
+ 
+-- 
+2.9.3
+
diff --git a/source/n/ppp/ppp.SlackBuild b/source/n/ppp/ppp.SlackBuild
index daaf1e3ab..a427e469e 100755
--- a/source/n/ppp/ppp.SlackBuild
+++ b/source/n/ppp/ppp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,30 +20,40 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=ppp
 VERSION=2.4.7
 RADVER=1.1.6
 PPPVER=1.98
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "x86_64" ]; then
   LIBDIRSUFFIX="64"
 else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-ppp
 
@@ -72,11 +82,14 @@ rm -f include/linux/if_pppol2tp.h
 
 zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1
 
+zcat $CWD/0028-pppoe-include-netinet-in.h-before-linux-in.h.patch.gz | patch -p1 --verbose || exit 1
+
 ./configure \
   --prefix=/usr \
-  --libdir=/usr/lib${LIBDIRSUFFIX}
+  --libdir=/usr/lib${LIBDIRSUFFIX} || exit 1
+
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG/usr
+make install DESTDIR=$PKG/usr || exit 1
 
 # Install PPP config files:
 mkdir -p $PKG/etc/ppp
@@ -94,6 +107,12 @@ zcat $CWD/options.new.gz > $PKG/etc/ppp/options.new
 # Since they are only runnable by group root, the risk really isn't much...
 chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/pppd/*/*.so
 
+# The Makefile doesn't error out if building rp-pppoe.so fails, so check for it:
+if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pppd/${VERSION}/rp-pppoe.so ]; then
+  echo "FATAL: /usr/lib${LIBDIRSUFFIX}/pppd/${VERSION}/rp-pppoe.so failed to build."
+  exit 1
+fi
+
 mkdir -p $PKG/usr/doc/ppp-$VERSION
 cp -a \
   FAQ PLUGINS README* SETUP scripts \
@@ -111,7 +130,7 @@ chown -R root:root .
   --prefix=/usr \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
   --sysconfdir=/etc \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 zcat $CWD/radius.msdict.gz > $PKG/etc/radiusclient/dictionary.microsoft
@@ -148,6 +167,9 @@ cp -a \
   README.pppsetup ppp-compile.txt pppsetup-$PPPVER.README pppsetup-$PPPVER.lsm \
   $PKG/usr/doc/pppsetup
 
+# Don't ship .la files:
+rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
+
 ( cd $PKG
   find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
   find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/ppp/slack-desc b/source/n/ppp/slack-desc
index ddf6f37f4..5fa9cd133 100644
--- a/source/n/ppp/slack-desc
+++ b/source/n/ppp/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
 ppp: ppp (Point-to-Point Protocol)
 ppp:
 ppp: The Point-to-Point Protocol (PPP) provides a method for transmitting
-ppp: data over serial links.  It's commonly used for connecting to the
-ppp: Internet using a modem.  This package includes the PPP daemon (pppd),
+ppp: data over serial links. It's commonly used for connecting to the
+ppp: Internet using a modem. This package includes the PPP daemon (pppd),
 ppp: which negotiates with the peer to establish the link and sets up the
 ppp: ppp network interface, and pppsetup, an easy-to-use utility for
 ppp: setting up your PPP daemon.
diff --git a/source/n/procmail/procmail.SlackBuild b/source/n/procmail/procmail.SlackBuild
index 3e7ac6fd9..37231574f 100755
--- a/source/n/procmail/procmail.SlackBuild
+++ b/source/n/procmail/procmail.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,20 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=procmail
 VERSION=3.22
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-procmail
 rm -rf $PKG
@@ -56,6 +66,8 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+sed -i "s/getline/procmail_getline/g" src/fields.c src/formail.c src/formisc.c src/formisc.h
+
 make || exit 1
 
 cd src
diff --git a/source/n/procmail/slack-desc b/source/n/procmail/slack-desc
index f017ef933..6d0e39d64 100644
--- a/source/n/procmail/slack-desc
+++ b/source/n/procmail/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/proftpd/etc/proftpd.conf b/source/n/proftpd/etc/proftpd.conf
index ffb0df3fe..50ee487c2 100644
--- a/source/n/proftpd/etc/proftpd.conf
+++ b/source/n/proftpd/etc/proftpd.conf
@@ -10,39 +10,39 @@ DefaultServer			on
 
 # Port 21 is the standard FTP port.
 Port				21
+
 # Umask 022 is a good standard umask to prevent new dirs and files
 # from being group and world writable.
 Umask				022
 
+# Don't use IPv6 support by default.
+UseIPv6				off
+
 # To prevent DoS attacks, set the maximum number of child processes
 # to 30.  If you need to allow more than 30 concurrent connections
 # at once, simply increase this value.  Note that this ONLY works
 # in standalone mode, in inetd mode you should use an inetd server
 # that allows you to limit maximum number of processes per service
-# (such as xinetd)
+# (such as xinetd).
 MaxInstances			30
 
-# Set the user and group that the server normally runs at.
+# Set the user and group under which the server will run.
 User				nobody
 Group				nogroup
 
-# This next option is required for NIS or NIS+ to work properly:
-#PersistentPasswd off
-
+# Set system log location:
 SystemLog			/var/log/proftpd.log
 TransferLog			/var/log/xferlog
 
 # Normally, we want files to be overwriteable.
-<Directory /*>
-  AllowOverwrite		on
-</Directory>
+AllowOverwrite			on
 
 # A basic anonymous FTP server configuration.
 # To enable this, remove the user ftp from /etc/ftpusers.
 <Anonymous ~ftp>
-  RequireValidShell		off
   User				ftp
   Group				ftp
+
   # We want clients to be able to login with "anonymous" as well as "ftp"
   UserAlias			anonymous ftp
 
diff --git a/source/n/proftpd/proftpd.SlackBuild b/source/n/proftpd/proftpd.SlackBuild
index db0d0d267..7d04e9e6c 100755
--- a/source/n/proftpd/proftpd.SlackBuild
+++ b/source/n/proftpd/proftpd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,14 +20,16 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=1.3.5b
-DIRVER=1.3.5b
-BUILD=${BUILD:-1}
+PKGNAM=proftpd
+VERSION=1.3.6
+DIRVER=1.3.6
+BUILD=${BUILD:-4}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-PROFTPD_MODS="mod_radius:mod_ban:mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin:mod_quotatab:mod_quotatab_file"
+PROFTPD_MODS="mod_radius:mod_ban:mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin:mod_quotatab:mod_quotatab_file:mod_sftp:mod_facl"
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -39,6 +41,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -53,7 +63,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-proftpd
 
@@ -86,7 +95,7 @@ CXXFLAGS="$SLKCFLAGS" \
   --enable-nls \
   --localstatedir=/var/run \
   --with-modules="${PROFTPD_MODS}" \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/source/n/proftpd/slack-desc b/source/n/proftpd/slack-desc
index 5ed80ca92..35b73bf2e 100644
--- a/source/n/proftpd/slack-desc
+++ b/source/n/proftpd/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 proftpd: proftpd (FTP server daemon)
 proftpd:
 proftpd: ProFTPD is the Professional File Transfer Protocol (FTP) server
-proftpd: daemon.  ProFTPD grew out of the desire to have a secure and
+proftpd: daemon. ProFTPD grew out of the desire to have a secure and
 proftpd: configurable FTP server, and out of a significant admiration of the
 proftpd: Apache web server.
 proftpd:
-proftpd:
+proftpd: Homepage: http://www.proftpd.org
 proftpd:
 proftpd:
 proftpd:
diff --git a/source/n/pssh/pssh-2.3.1-py3-import.patch b/source/n/pssh/pssh-2.3.1-py3-import.patch
new file mode 100644
index 000000000..d40104fb7
--- /dev/null
+++ b/source/n/pssh/pssh-2.3.1-py3-import.patch
@@ -0,0 +1,13 @@
+diff --git a/psshlib/cli.py b/psshlib/cli.py
+index c14b309..ddfe0ee 100644
+--- a/psshlib/cli.py
++++ b/psshlib/cli.py
+@@ -6,7 +6,7 @@ import os
+ import shlex
+ import sys
+ import textwrap
+-import version
++from psshlib import version
+ 
+ _DEFAULT_PARALLELISM = 32
+ _DEFAULT_TIMEOUT     = 0 # "infinity" by default
diff --git a/source/n/pssh/pssh-2.3.1-py3-min-int-none.patch b/source/n/pssh/pssh-2.3.1-py3-min-int-none.patch
new file mode 100644
index 000000000..c202bc8ee
--- /dev/null
+++ b/source/n/pssh/pssh-2.3.1-py3-min-int-none.patch
@@ -0,0 +1,13 @@
+diff --git a/bin/pssh b/bin/pssh
+index 5b6c2a5..dc53a36 100755
+--- a/bin/pssh
++++ b/bin/pssh
+@@ -90,7 +90,7 @@ def do_pssh(hosts, cmdline, opts):
+     except FatalError:
+         sys.exit(1)
+ 
+-    if min(statuses) < 0:
++    if None in statuses:
+         # At least one process was killed.
+         sys.exit(3)
+     # The any builtin was introduced in Python 2.5 (so we can't use it yet):
diff --git a/source/n/pssh/pssh-2.3.1-py3-non-blocking.patch b/source/n/pssh/pssh-2.3.1-py3-non-blocking.patch
new file mode 100644
index 000000000..bcf4b4fd9
--- /dev/null
+++ b/source/n/pssh/pssh-2.3.1-py3-non-blocking.patch
@@ -0,0 +1,35 @@
+# https://github.com/nplanel/parallel-ssh/commit/ee379dc5c69e4e0f62f92fb48f9a9ce6af0b2ac4.patch
+From ee379dc5c69e4e0f62f92fb48f9a9ce6af0b2ac4 Mon Sep 17 00:00:00 2001
+From: Nicolas PLANEL <nplanel@gmail.com>
+Date: Fri, 23 Oct 2015 01:20:25 +1100
+Subject: [PATCH] fixup : wakeup_writefd must be non-blocking
+
+wakeup_writefd should be non-blocking as signal.set_wakeup_fd()
+API request it.
+
+"ValueError: the fd 4 must be in non-blocking mode"
+---
+ psshlib/manager.py | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/psshlib/manager.py b/psshlib/manager.py
+index 7dbf4e3..db35e76 100644
+--- a/psshlib/manager.py
++++ b/psshlib/manager.py
+@@ -2,6 +2,7 @@
+ 
+ from errno import EINTR
+ import os
++import fcntl
+ import select
+ import signal
+ import sys
+@@ -209,6 +210,7 @@ def __init__(self):
+ 
+         # Setup the wakeup file descriptor to avoid hanging on lost signals.
+         wakeup_readfd, wakeup_writefd = os.pipe()
++        fcntl.fcntl(wakeup_writefd, fcntl.F_SETFL, os.O_NONBLOCK)
+         self.register_read(wakeup_readfd, self.wakeup_handler)
+         # TODO: remove test when we stop supporting Python <2.5
+         if hasattr(signal, 'set_wakeup_fd'):
+
diff --git a/source/n/pssh/pssh-2.3.1-py3-str-bytes-encode.patch b/source/n/pssh/pssh-2.3.1-py3-str-bytes-encode.patch
new file mode 100644
index 000000000..1a6b4cc3a
--- /dev/null
+++ b/source/n/pssh/pssh-2.3.1-py3-str-bytes-encode.patch
@@ -0,0 +1,13 @@
+diff --git a/psshlib/askpass_server.py b/psshlib/askpass_server.py
+index 4293164..4680749 100644
+--- a/psshlib/askpass_server.py
++++ b/psshlib/askpass_server.py
+@@ -69,7 +69,7 @@ class PasswordServer(object):
+         buffer = self.buffermap[fd]
+         conn = self.socketmap[fd]
+         try:
+-            bytes_written = conn.send(buffer)
++            bytes_written = conn.send(buffer.encode('utf-8'))
+         except socket.error:
+             _, e, _ = sys.exc_info()
+             number = e.args[0]
diff --git a/source/n/pssh/pssh-read-stdin-as-bytes-in-Python-3.patch b/source/n/pssh/pssh-read-stdin-as-bytes-in-Python-3.patch
new file mode 100644
index 000000000..c64d77461
--- /dev/null
+++ b/source/n/pssh/pssh-read-stdin-as-bytes-in-Python-3.patch
@@ -0,0 +1,16 @@
+diff --git a/bin/pssh b/bin/pssh
+index 860bad2..5fe726d 100755
+--- a/bin/pssh
++++ b/bin/pssh
+@@ -65,7 +65,10 @@ def do_pssh(hosts, cmdline, opts):
+     if opts.errdir and not os.path.exists(opts.errdir):
+         os.makedirs(opts.errdir)
+     if opts.send_input:
+-        stdin = sys.stdin.read()
++        if hasattr(sys.stdin, 'buffer'):
++            stdin = sys.stdin.buffer.read()
++        else:
++            stdin = sys.stdin.read()
+     else:
+         stdin = None
+     manager = Manager(opts)
diff --git a/source/n/pssh/pssh.SlackBuild b/source/n/pssh/pssh.SlackBuild
index a251d4b96..c8a9dad1d 100755
--- a/source/n/pssh/pssh.SlackBuild
+++ b/source/n/pssh/pssh.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -22,19 +22,30 @@
 
 # required: package "python" version 2.2 or higher installed
 
-VERSION=2.3.1
-BUILD=1
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=pssh
+VERSION=${VERSION:-$(echo pssh*.tar.gz | cut -d - -f 2  | rev | cut -f 3- -d . | rev)}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 PREFIX=/usr
 
 if [ "$ARCH" = "x86_64" ]; then
@@ -43,7 +54,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-pssh
 rm -rf $PKG
@@ -60,13 +70,15 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
-for library in psshlib/* ; do
-  # This will force removepkg to remove all runtime-compiled *.pyc files
-  touch ${library}c
-done
+# fix python3 issues
+zcat $CWD/pssh-2.3.1-py3-import.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/pssh-2.3.1-py3-min-int-none.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/pssh-2.3.1-py3-non-blocking.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/pssh-2.3.1-py3-str-bytes-encode.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/pssh-read-stdin-as-bytes-in-Python-3.patch.gz | patch -p1 --verbose || exit 1
 
-# Install:
-python setup.py build install --root=$PKG
+# Install
+python3 setup.py build install --root=$PKG
 
 # Compress manual pages:
 find $PKG/usr/man -type f -exec gzip -9 {} \;
diff --git a/source/n/pssh/slack-desc b/source/n/pssh/slack-desc
index 0a4f043e5..cb4a87c0a 100644
--- a/source/n/pssh/slack-desc
+++ b/source/n/pssh/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 pssh: pssh (tools for collective remote system management)
 pssh:
 pssh: Pssh, a.k.a. "parallel ssh", are Python-written wrapper scripts for
-pssh: OpenSSH and rsync tools.  They are useful for simultaneous control
-pssh: of large number of machines, using parallel ssh sessions.  Included
+pssh: OpenSSH and rsync tools. They are useful for simultaneous control
+pssh: of large number of machines, using parallel ssh sessions. Included
 pssh: are parallel versions of ssh, scp, and rsync, as well as a parallel
 pssh: kill command.
 pssh:
 pssh: Pssh has been written by Brent Chun <bnc at theether.org>, and is
 pssh: currently maintained by Andrew McNabb <amcnabb at mcnabbs.org>.
-pssh: Homepage:  http://parallel-ssh.googlecode.com
+pssh: Homepage: https://code.google.com/archive/p/parallel-ssh/
diff --git a/source/n/pth/slack-desc b/source/n/pth/slack-desc
deleted file mode 100644
index ae4bd9071..000000000
--- a/source/n/pth/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-   |-----handy-ruler------------------------------------------------------|
-pth: pth (GNU Portable Threads)
-pth:
-pth: Pth is a very portable POSIX/ANSI-C based library for Unix platforms
-pth: which provides non-preemptive priority-based scheduling for multiple
-pth: threads of execution (aka `multithreading') inside event-driven
-pth: applications.  All threads run in the same address space of the
-pth: server application, but each thread has its own individual
-pth: program-counter, run-time stack, signal mask and errno variable.
-pth:
-pth:
-pth:
diff --git a/source/n/rdist/rdist.SlackBuild b/source/n/rdist/rdist.SlackBuild
index 66f48c9b0..abe19de8a 100755
--- a/source/n/rdist/rdist.SlackBuild
+++ b/source/n/rdist/rdist.SlackBuild
@@ -1,5 +1,5 @@
-#!/bin/sh
-# Copyright 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+#!/bin/bash
+# Copyright 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -19,25 +19,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-
-CWD=$(pwd)
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=rdist
 VERSION=${VERSION:-6.1.5}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$TMP" = "" ]; then
   TMP=/tmp
 fi
@@ -47,8 +54,8 @@ mkdir -p $PKG
 
 if [ "$ARCH" = "i386" ]; then
   SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
-elif [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
diff --git a/source/n/rdist/slack-desc b/source/n/rdist/slack-desc
index b6e2fa789..f03fcd3d5 100644
--- a/source/n/rdist/slack-desc
+++ b/source/n/rdist/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 rdist: rdist (remote file distribution program)
 rdist:
-rdist: Rdist is a remote file distribution program.  It is used to maintain
-rdist: identical copies of files over multiple network hosts.  It preserves
+rdist: Rdist is a remote file distribution program. It is used to maintain
+rdist: identical copies of files over multiple network hosts. It preserves
 rdist: the owner, group, mode, and mtime of files if possible and can update
 rdist: programs that are executing.
 rdist:
diff --git a/source/n/rfkill/rfkill.SlackBuild b/source/n/rfkill/rfkill.SlackBuild
deleted file mode 100755
index c82832b91..000000000
--- a/source/n/rfkill/rfkill.SlackBuild
+++ /dev/null
@@ -1,93 +0,0 @@
-#!/bin/sh
-
-# Slackware build script for rfkill
-
-# Copyright 2010  Ray Gomez <ray.gomez{at}thetravelingcoder{dot}com>
-# Copyright 2011  Patrick J. Volkerding, Sebeka, MN, USA
-# All rights reserved.
-# 
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-# 
-# 1. Redistributions of this script must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
-# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-PKGNAM=rfkill
-VERSION=${VERSION:-0.5}
-BUILD=${BUILD:-1}
-
-# Automatically determine the architecture we're building on:
-if [ -z "$ARCH" ]; then
-  case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
-    arm*) export ARCH=arm ;;
-    # Unless $ARCH is already set, use uname -m for all other archs:
-       *) export ARCH=$( uname -m ) ;;
-  esac
-fi
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-$PKGNAM
-
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
-  LIBDIRSUFFIX=""
-elif [ "$ARCH" = "i686" ]; then
-  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
-  LIBDIRSUFFIX=""
-elif [ "$ARCH" = "x86_64" ]; then
-  SLKCFLAGS="-O2 -fPIC"
-  LIBDIRSUFFIX="64"
-else
-  SLKCFLAGS="-O2"
-  LIBDIRSUFFIX=""
-fi
-
-rm -rf $PKG
-mkdir -p $TMP $PKG
-cd $TMP
-rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
-cd $PKGNAM-$VERSION || exit 1
-chown -R root:root .
-find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
-
-make \
-  CFLAGS="$SLKCFLAGS" \
-  PREFIX=/usr \
-  MANDIR=/usr/man || exit 1
-make install \
-  PREFIX=/usr \
-  MANDIR=/usr/man \
-  DESTDIR=$PKG || exit 1
-
-mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
-cp -a \
-  COPYING* README* \
-  $PKG/usr/doc/$PKGNAM-$VERSION
-
-find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
-  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
-
diff --git a/source/n/rfkill/rfkill.url b/source/n/rfkill/rfkill.url
deleted file mode 100644
index 700aef457..000000000
--- a/source/n/rfkill/rfkill.url
+++ /dev/null
@@ -1,2 +0,0 @@
-http://linuxwireless.org/en/users/Documentation/rfkill
-http://wireless.kernel.org/download/rfkill/
diff --git a/source/n/rfkill/slack-desc b/source/n/rfkill/slack-desc
deleted file mode 100644
index 7055fc3b0..000000000
--- a/source/n/rfkill/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-      |-----handy-ruler------------------------------------------------------|
-rfkill: rfkill (tool to query subsystem interfaces)
-rfkill:
-rfkill: rfkill is a small tool to query the state of the rfkill switches,
-rfkill: buttons and subsystem interfaces.
-rfkill:
-rfkill: http://linuxwireless.org/en/users/Documentation/rfkill
-rfkill:
-rfkill:
-rfkill:
-rfkill:
-rfkill:
diff --git a/source/n/rp-pppoe/rp-pppoe-3.12-bz1469960-new-kernel-header.patch b/source/n/rp-pppoe/rp-pppoe-3.12-bz1469960-new-kernel-header.patch
new file mode 100644
index 000000000..2b26edac7
--- /dev/null
+++ b/source/n/rp-pppoe/rp-pppoe-3.12-bz1469960-new-kernel-header.patch
@@ -0,0 +1,100 @@
+diff -up rp-pppoe-3.12/src/if.c.than rp-pppoe-3.12/src/if.c
+--- rp-pppoe-3.12/src/if.c.than	2017-07-25 11:04:53.780466912 +0200
++++ rp-pppoe-3.12/src/if.c	2017-07-25 11:05:35.951885962 +0200
+@@ -20,6 +20,12 @@ static char const RCSID[] =
+ 
+ #include "pppoe.h"
+ 
++#if defined(HAVE_LINUX_IF_H)
++#include <linux/if.h>
++#elif defined(HAVE_NET_IF_H)
++#include <net/if.h>
++#endif
++
+ #ifdef HAVE_UNISTD_H
+ #include <unistd.h>
+ #endif
+diff -up rp-pppoe-3.12/src/plugin.c.than rp-pppoe-3.12/src/plugin.c
+--- rp-pppoe-3.12/src/plugin.c.than	2017-07-25 11:05:50.145353868 +0200
++++ rp-pppoe-3.12/src/plugin.c	2017-07-25 11:07:00.068732535 +0200
+@@ -49,6 +49,11 @@ static char const RCSID[] =
+ #include <unistd.h>
+ #include <fcntl.h>
+ #include <signal.h>
++#if defined(HAVE_LINUX_IF_H)
++#include <linux/if.h>
++#elif defined(HAVE_NET_IF_H)
++#include <net/if.h>
++#endif
+ #include <net/ethernet.h>
+ #include <net/if_arp.h>
+ #include <linux/ppp_defs.h>
+diff -up rp-pppoe-3.12/src/pppoe.h.than rp-pppoe-3.12/src/pppoe.h
+--- rp-pppoe-3.12/src/pppoe.h.than	2017-07-25 11:07:38.141305245 +0200
++++ rp-pppoe-3.12/src/pppoe.h	2017-07-25 11:08:34.409195838 +0200
+@@ -51,13 +51,6 @@ extern int IsSetID;
+ #include <sys/socket.h>
+ #endif
+ 
+-/* Ugly header files on some Linux boxes... */
+-#if defined(HAVE_LINUX_IF_H)
+-#include <linux/if.h>
+-#elif defined(HAVE_NET_IF_H)
+-#include <net/if.h>
+-#endif
+-
+ #ifdef HAVE_NET_IF_TYPES_H
+ #include <net/if_types.h>
+ #endif
+@@ -136,9 +129,6 @@ typedef unsigned long UINT32_t;
+ #ifdef HAVE_NETINET_IF_ETHER_H
+ #include <sys/types.h>
+ 
+-#ifdef HAVE_SYS_SOCKET_H
+-#include <sys/socket.h>
+-#endif
+ #ifndef HAVE_SYS_DLPI_H
+ #include <netinet/if_ether.h>
+ #endif
+diff -up rp-pppoe-3.12/src/pppoe-server.c.than rp-pppoe-3.12/src/pppoe-server.c
+--- rp-pppoe-3.12/src/pppoe-server.c.than	2017-07-25 11:08:51.505554918 +0200
++++ rp-pppoe-3.12/src/pppoe-server.c	2017-07-25 11:09:59.230016098 +0200
+@@ -26,6 +26,13 @@ static char const RCSID[] =
+ 
+ #define _BSD_SOURCE 1 /* for gethostname */
+ 
++#include <sys/socket.h>
++#if defined(HAVE_LINUX_IF_H)
++#include <linux/if.h>
++#elif defined(HAVE_NET_IF_H)
++#include <net/if.h>
++#endif
++
+ #include "pppoe-server.h"
+ #include "md5.h"
+ 
+diff -up rp-pppoe-3.12/src/relay.c.than rp-pppoe-3.12/src/relay.c
+--- rp-pppoe-3.12/src/relay.c.than	2017-07-25 11:10:13.863467871 +0200
++++ rp-pppoe-3.12/src/relay.c	2017-07-25 11:11:17.747074537 +0200
+@@ -18,11 +18,19 @@ static char const RCSID[] =
+ "$Id$";
+ 
+ #define _GNU_SOURCE 1 /* For SA_RESTART */
+-
+-#include "relay.h"
++#include "config.h"
+ 
+ #include <signal.h>
+ 
++#include <sys/socket.h>
++#if defined(HAVE_LINUX_IF_H)
++#include <linux/if.h>
++#elif defined(HAVE_NET_IF_H)
++#include <net/if.h>
++#endif
++
++#include "relay.h"
++
+ #ifdef HAVE_SYSLOG_H
+ #include <syslog.h>
+ #endif
diff --git a/source/n/rp-pppoe/rp-pppoe-3.12-doc.patch b/source/n/rp-pppoe/rp-pppoe-3.12-doc.patch
new file mode 100644
index 000000000..e6e1b117d
--- /dev/null
+++ b/source/n/rp-pppoe/rp-pppoe-3.12-doc.patch
@@ -0,0 +1,18 @@
+diff -up rp-pppoe-3.12/src/Makefile.in.than rp-pppoe-3.12/src/Makefile.in
+--- rp-pppoe-3.12/src/Makefile.in.than	2015-11-16 17:25:40.566618656 +0100
++++ rp-pppoe-3.12/src/Makefile.in	2015-11-16 17:25:57.749517019 +0100
+@@ -165,14 +165,6 @@ install: all
+ 	$(install) -m 755 ../scripts/pppoe-status $(DESTDIR)$(sbindir)
+ 	$(install) -m 755 ../scripts/pppoe-stop $(DESTDIR)$(sbindir)
+ 	$(install) -m 755 ../scripts/pppoe-setup $(DESTDIR)$(sbindir)
+-	-mkdir -p $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../doc/CHANGES $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../doc/KERNEL-MODE-PPPOE $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../doc/HOW-TO-CONNECT $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../doc/LICENSE $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../README $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../SERVPOET $(DESTDIR)$(docdir)
+-	$(install) -m 644 ../configs/pap-secrets $(DESTDIR)$(docdir)
+ 	-mkdir -p $(DESTDIR)$(mandir)/man8
+ 	for i in $(TARGETS) ; do \
+ 		if test -f ../man/$$i.8 ; then \
diff --git a/source/n/rp-pppoe/rp-pppoe-3.12-ip-allocation.patch b/source/n/rp-pppoe/rp-pppoe-3.12-ip-allocation.patch
new file mode 100644
index 000000000..512913745
--- /dev/null
+++ b/source/n/rp-pppoe/rp-pppoe-3.12-ip-allocation.patch
@@ -0,0 +1,111 @@
+diff -up rp-pppoe-3.12/man/pppoe-server.8.ip-allocation rp-pppoe-3.12/man/pppoe-server.8
+--- rp-pppoe-3.12/man/pppoe-server.8.ip-allocation	2015-11-11 16:10:01.000000000 +0100
++++ rp-pppoe-3.12/man/pppoe-server.8	2015-11-16 16:48:52.457927211 +0100
+@@ -96,6 +96,11 @@ valid remote IP address to \fBpppd\fR.
+ of 10.67.15.1 is used.
+ 
+ .TP
++.B \-D
++Delegate the allocation of IP addresses to \fBpppd\fR.  If specified, no
++local and remote addresses passed to pppd.
++
++.TP
+ .B \-N \fInum\fR
+ Allows at most \fInum\fR concurrent PPPoE sessions.  If not specified,
+ the default is 64.
+diff -up rp-pppoe-3.12/src/pppoe-server.c.ip-allocation rp-pppoe-3.12/src/pppoe-server.c
+--- rp-pppoe-3.12/src/pppoe-server.c.ip-allocation	2015-11-11 16:10:04.000000000 +0100
++++ rp-pppoe-3.12/src/pppoe-server.c	2015-11-16 16:50:53.209195100 +0100
+@@ -176,6 +176,9 @@ char PppoeOptions[SMALLBUF] = "";
+ unsigned char LocalIP[IPV4ALEN] = {10, 0, 0, 1}; /* Counter optionally STARTS here */
+ unsigned char RemoteIP[IPV4ALEN] = {10, 67, 15, 1}; /* Counter STARTS here */
+ 
++/* Delegates the allocation of IP addresses to pppd (as the pptpd doing) */
++int DelegateIPAllocation = 0;
++
+ /* Do we increment local IP for each connection? */
+ int IncrLocalIP = 0;
+ 
+@@ -241,8 +244,8 @@ childHandler(pid_t pid, int status, void
+ 
+     memset(&conn, 0, sizeof(conn));
+     conn.hostUniq = NULL;
+-
+-    syslog(LOG_INFO,
++    if (!DelegateIPAllocation) {
++     syslog(LOG_INFO,
+ 	   "Session %u closed for client "
+ 	   "%02x:%02x:%02x:%02x:%02x:%02x (%d.%d.%d.%d) on %s",
+ 	   (unsigned int) ntohs(session->sess),
+@@ -251,6 +254,15 @@ childHandler(pid_t pid, int status, void
+ 	   (int) session->realpeerip[0], (int) session->realpeerip[1],
+ 	   (int) session->realpeerip[2], (int) session->realpeerip[3],
+ 	   session->ethif->name);
++    } else {
++		syslog(LOG_INFO,
++      "Session %u closed for client "
++      "%02x:%02x:%02x:%02x:%02x:%02x on %s",
++      (unsigned int) ntohs(session->sess),
++      session->eth[0], session->eth[1], session->eth[2],
++      session->eth[3], session->eth[4], session->eth[5],
++      session->ethif->name);
++    }
+     memcpy(conn.myEth, session->ethif->mac, ETH_ALEN);
+     conn.discoverySocket = session->ethif->sock;
+     conn.session = session->sess;
+@@ -1134,6 +1146,7 @@ usage(char const *argv0)
+     fprintf(stderr, "   -L ip          -- Set local IP address.\n");
+     fprintf(stderr, "   -l             -- Increment local IP address for each session.\n");
+     fprintf(stderr, "   -R ip          -- Set start address of remote IP pool.\n");
++    fprintf(stderr, "   -D             -- Delegates the allocation of IP addresses to pppd.\n");
+     fprintf(stderr, "   -S name        -- Advertise specified service-name.\n");
+     fprintf(stderr, "   -O fname       -- Use PPPD options from specified file\n");
+     fprintf(stderr, "                     (default %s).\n", PPPOE_SERVER_OPTIONS);
+@@ -1200,9 +1213,9 @@ main(int argc, char **argv)
+ #endif
+ 
+ #ifndef HAVE_LINUX_KERNEL_PPPOE
+-    char *options = "X:ix:hI:C:L:R:T:m:FN:f:O:o:sp:lrudPc:S:1q:Q:";
++    char *options = "X:ix:hI:C:L:R:DT:m:FN:f:O:o:sp:lrudPc:S:1q:Q:";
+ #else
+-    char *options = "X:ix:hI:C:L:R:T:m:FN:f:O:o:skp:lrudPc:S:1q:Q:";
++    char *options = "X:ix:hI:C:L:R:DT:m:FN:f:O:o:skp:lrudPc:S:1q:Q:";
+ #endif
+ 
+     if (getuid() != geteuid() ||
+@@ -1401,6 +1414,10 @@ main(int argc, char **argv)
+ 	    }
+ 	    break;
+ 
++	case 'D':
++	    DelegateIPAllocation = 1;
++	    break;
++
+ 	case 'T':
+ 	case 'm':
+ 	    /* These just get passed to pppoe */
+@@ -1915,6 +1932,7 @@ startPPPDUserMode(ClientSession *session
+     argv[c++] = "file";
+     argv[c++] = pppoptfile;
+ 
++    if (!DelegateIPAllocation) {
+     snprintf(buffer, SMALLBUF, "%d.%d.%d.%d:%d.%d.%d.%d",
+ 	    (int) session->myip[0], (int) session->myip[1],
+ 	    (int) session->myip[2], (int) session->myip[3],
+@@ -1930,6 +1948,16 @@ startPPPDUserMode(ClientSession *session
+ 	   session->ethif->name,
+ 	   session->serviceName);
+     argv[c++] = strdup(buffer);
++    } else {
++	syslog(LOG_INFO,
++	    "Session %u created for client %02x:%02x:%02x:%02x:%02x:%02x on %s using Service-Name '%s'",
++	    (unsigned int) ntohs(session->sess),
++	    session->eth[0], session->eth[1], session->eth[2],
++	    session->eth[3], session->eth[4], session->eth[5],
++	    session->ethif->name,
++	    session->serviceName);
++    }
++    
+     if (!argv[c-1]) {
+ 	/* TODO: Send a PADT */
+ 	exit(EXIT_FAILURE);
diff --git a/source/n/rp-pppoe/rp-pppoe-3.12-plugin.patch b/source/n/rp-pppoe/rp-pppoe-3.12-plugin.patch
new file mode 100644
index 000000000..5b7671724
--- /dev/null
+++ b/source/n/rp-pppoe/rp-pppoe-3.12-plugin.patch
@@ -0,0 +1,12 @@
+diff -up rp-pppoe-3.12/src/configure.in.than rp-pppoe-3.12/src/configure.in
+--- rp-pppoe-3.12/src/configure.in.than	2015-12-11 16:19:38.700092797 +0100
++++ rp-pppoe-3.12/src/configure.in	2015-12-11 16:20:15.670875690 +0100
+@@ -26,6 +26,7 @@ AC_CHECK_HEADERS(linux/if_pppox.h, [], [
+ #include<net/ethernet.h>
+ #include<linux/if.h>
+ #include<linux/in.h>
++#include<linux/in6.h>
+ ])
+ 
+ dnl Checks for typedefs, structures, and compiler characteristics.
+diff -up rp-pppoe-3.12/src/configure.than rp-pppoe-3.12/src/configure
diff --git a/source/n/rp-pppoe/rp-pppoe-3.12-pluginpath.patch b/source/n/rp-pppoe/rp-pppoe-3.12-pluginpath.patch
new file mode 100644
index 000000000..c322b00a3
--- /dev/null
+++ b/source/n/rp-pppoe/rp-pppoe-3.12-pluginpath.patch
@@ -0,0 +1,12 @@
+diff -up rp-pppoe-3.12/src/pppoe-server.c.than rp-pppoe-3.12/src/pppoe-server.c
+--- rp-pppoe-3.12/src/pppoe-server.c.than	2015-12-17 11:17:30.257775608 +0100
++++ rp-pppoe-3.12/src/pppoe-server.c	2015-12-17 11:18:44.276951643 +0100
+@@ -2014,7 +2014,7 @@ startPPPDLinuxKernelMode(ClientSession *
+ 
+     argv[c++] = "pppd";
+     argv[c++] = "plugin";
+-    argv[c++] = PLUGIN_PATH;
++    argv[c++] = "rp-pppoe.so";
+ 
+     /* Add "nic-" to interface name */
+     snprintf(buffer, SMALLBUF, "nic-%s", session->ethif->name);
diff --git a/source/n/rp-pppoe/rp-pppoe-manpages.patch b/source/n/rp-pppoe/rp-pppoe-manpages.patch
new file mode 100644
index 000000000..fd0f24009
--- /dev/null
+++ b/source/n/rp-pppoe/rp-pppoe-manpages.patch
@@ -0,0 +1,71 @@
+diff -up rp-pppoe-3.12/man/pppoe.8.than rp-pppoe-3.12/man/pppoe.8
+--- rp-pppoe-3.12/man/pppoe.8.than	2015-11-11 16:10:01.000000000 +0100
++++ rp-pppoe-3.12/man/pppoe.8	2016-06-03 17:24:49.649336285 +0200
+@@ -32,6 +32,10 @@ triggered.  The best way to do this is t
+ PPPoE timeout to be about four times the LCP echo interval.
+ 
+ .TP
++.B \-t \fItimeout\fR
++The \fB\-t\fR option sets the initial timeout for discovery packets in seconds.
++
++.TP
+ .B \-D \fIfile_name\fR
+ The \fB\-D\fR option causes every packet to be dumped to the specified
+ \fIfile_name\fR.  This is intended for debugging only; it produces huge
+@@ -147,6 +151,10 @@ the peer you are dealing with uses non-s
+ ISP uses non-standard frame types, complain!
+ 
+ .TP
++.B \-F numfloods
++The \fB\-F\fR option sets the discovery flood, only used for stress-testing.
++
++.TP
+ .B \-h
+ The \fB\-h\fR option causes \fBpppoe\fR to print usage information and
+ exit.
+diff -up rp-pppoe-3.12/man/pppoe-server.8.than rp-pppoe-3.12/man/pppoe-server.8
+--- rp-pppoe-3.12/man/pppoe-server.8.than	2016-06-03 17:24:49.641336586 +0200
++++ rp-pppoe-3.12/man/pppoe-server.8	2016-06-03 17:24:49.650336248 +0200
+@@ -77,12 +77,20 @@ PADI and PADR packets are ignored.  If y
+ then no limit is imposed on the number of sessions per peer MAC address.
+ 
+ .TP
++.B \-P
++Check pool file for correctness and exit.
++
++.TP
+ .B \-s
+ This option is passed directly to \fBpppoe\fR; see \fBpppoe\fR(8) for
+ details.  In addition, it causes \fBpppd\fR to be invoked with the
+ \fIsync\fR option.
+ 
+ .TP
++.B \-l
++Increment local IP address for each session.
++
++.TP
+ .B \-L \fIip\fR
+ Sets the local IP address.  This is passed to spawned \fBpppd\fR processes.
+ If not specified, the default is 10.0.0.1.
+@@ -147,6 +155,10 @@ handing out sessions in order, the sessi
+ unpredictable order.
+ 
+ .TP
++.B \-d
++Debug session creation.
++
++.TP
+ .B \-u
+ Tells the server to invoke \fBpppd\fR with the \fIunit\fR option.  Note
+ that this option only works for \fBpppd\fR version 2.4.0 or newer.
+diff -up rp-pppoe-3.12/src/pppoe.c.than rp-pppoe-3.12/src/pppoe.c
+--- rp-pppoe-3.12/src/pppoe.c.than	2016-06-03 17:24:49.650336248 +0200
++++ rp-pppoe-3.12/src/pppoe.c	2016-06-03 17:27:40.888903213 +0200
+@@ -380,6 +380,7 @@ usage(char const *argv0)
+ 	    "   -k             -- Kill a session with PADT (requires -e)\n"
+ 	    "   -d             -- Perform discovery, print session info and exit.\n"
+ 	    "   -f disc:sess   -- Set Ethernet frame types (hex).\n"
++       "   -F numfloods   -- Set the discovery flood, only used for stress-testing.\n"
+ 	    "   -h             -- Print usage information.\n\n"
+ 	    "PPPoE Version %s, Copyright (C) 2001-2015 Roaring Penguin Software Inc.\n"
+ 	    "PPPoE comes with ABSOLUTELY NO WARRANTY.\n"
diff --git a/source/n/rp-pppoe/rp-pppoe.SlackBuild b/source/n/rp-pppoe/rp-pppoe.SlackBuild
index 6549149b9..f392cbef3 100755
--- a/source/n/rp-pppoe/rp-pppoe.SlackBuild
+++ b/source/n/rp-pppoe/rp-pppoe.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012, 2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2012, 2015, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=rp-pppoe
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -46,7 +56,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-rp-pppoe
 
@@ -55,7 +64,7 @@ mkdir -p $TMP $PKG
 cd $TMP
 rm -rf rp-pppoe-$VERSION
 tar xvf $CWD/rp-pppoe-$VERSION.tar.?z* || exit 1
-cd rp-pppoe-$VERSION/src || exit 1
+cd rp-pppoe-$VERSION || exit 1
 chown -R root:root .
 find . \
   \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
@@ -63,12 +72,20 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+zcat $CWD/rp-pppoe-3.12-ip-allocation.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/rp-pppoe-3.12-plugin.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/rp-pppoe-3.12-pluginpath.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/rp-pppoe-manpages.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/rp-pppoe-3.12-bz1469960-new-kernel-header.patch.gz | patch -p1 --verbose || exit 1
+
+cd src
+
 CFLAGS="$SLKCFLAGS" \
 ./configure \
   --enable-plugin=/ppp-2.4.4 \
   --prefix=/usr \
   --mandir=/usr/man \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install docdir=/usr/doc/rp-pppoe-$VERSION DESTDIR=$PKG install || exit 1
diff --git a/source/n/rp-pppoe/slack-desc b/source/n/rp-pppoe/slack-desc
index 8aed9d0c4..4ae51c3fc 100644
--- a/source/n/rp-pppoe/slack-desc
+++ b/source/n/rp-pppoe/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch b/source/n/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch
new file mode 100644
index 000000000..9ea5870d8
--- /dev/null
+++ b/source/n/rpcbind/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch
@@ -0,0 +1,39 @@
+From a89ba6d07832cb62a86601971380fda7130c6826 Mon Sep 17 00:00:00 2001
+From: "Patrick J. Volkerding" <volkerdi@slackware.com>
+Date: Mon, 17 Jul 2017 23:09:36 -0500
+Subject: [PATCH 1/2] man/rpcibind.8: Clarify state file usage and history
+
+---
+ man/rpcbind.8 | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/man/rpcbind.8 b/man/rpcbind.8
+index af6200f..bdfb1c8 100644
+--- a/man/rpcbind.8
++++ b/man/rpcbind.8
+@@ -132,11 +132,20 @@ to connect to services from a privileged port.
+ .It Fl w
+ Cause
+ .Nm
+-to do a "warm start" by read a state file when
++to do a "warm start" by attempting to read *.xdr state files from the
++state directory
++.%T /var/run/rpcbind
++when
+ .Nm
+-starts up. The state file is created when
++starts up. The state files are created when
+ .Nm
+ terminates.
++.Pp
++This allows for restarting
++.Nm
++without the need to restart all RPC services that have previously registered.
++The state files serve a similar purpose to the files created/restored by the
++pmap_dump and pmap_set utilities distributed with the old portmap server package.
+ .El
+ .Sh NOTES
+ All RPC servers must be restarted if
+-- 
+2.13.2
+
diff --git a/source/n/rpcbind/0001-security.c-removed-warning.patch b/source/n/rpcbind/0001-security.c-removed-warning.patch
deleted file mode 100644
index 6ca5b6d06..000000000
--- a/source/n/rpcbind/0001-security.c-removed-warning.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From de47f6323d8fb20feefee21d0195cf0529151e04 Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Thu, 17 Sep 2015 15:57:35 -0400
-Subject: [PATCH 1/4] security.c: removed warning
-
-src/security.c:100:8: warning: implicit declaration of function 'xlog'
-[-Wimplicit-function-declaration]
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/security.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/security.c b/src/security.c
-index 0c9453f..c54ce26 100644
---- a/src/security.c
-+++ b/src/security.c
-@@ -17,6 +17,8 @@
- #include <syslog.h>
- #include <netdb.h>
- 
-+#include "xlog.h"
-+
- /*
-  * XXX for special case checks in check_callit.
-  */
--- 
-2.6.4
-
diff --git a/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch b/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch
deleted file mode 100644
index 6a80742f0..000000000
--- a/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001
-From: Olaf Kirch <okir@suse.de>
-Date: Fri, 30 Oct 2015 10:18:20 -0400
-Subject: [PATCH 2/4] Fix memory corruption in PMAP_CALLIT code
-
- - A PMAP_CALLIT call comes in on IPv4 UDP
- - rpcbind duplicates the caller's address to a netbuf and stores it in
-   FINFO[0].caller_addr. caller_addr->buf now points to a memory region A
-   with a size of 16 bytes
- - rpcbind forwards the call to the local service, receives a reply
- - when processing the reply, it does this in xprt_set_caller:
-    xprt->xp_rtaddr = *FINFO[0].caller_addr
-   It sends out the reply, and then frees the netbuf caller_addr and
-   caller_addr.buf.
-   However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers
-   to memory region A, which is free.
- - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will
-   be called, which will set xp_rtaddr to the client's address.
-   It will reuse the buffer inside xp_rtaddr, ie it will write a
-   sockaddr_in to region A
-
-Some time down the road, an incoming TCP connection is accepted,
-allocating a fresh SVCXPRT. The memory region A is inside the
-new SVCXPRT
-
- - While processing the TCP call, another UDP call comes in, again
-   overwriting region A with the client's address
- - TCP client closes connection. In svc_destroy, we now trip over
-   the garbage left in region A
-
-We ran into the case where a commercial scanner was triggering
-occasional rpcbind segfaults. The core file that was captured showed
-a corrupted xprt->xp_netid pointer that was really a sockaddr_in.
-
-Signed-off-by: Olaf Kirch <okir@suse.de>
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/rpcb_svc_com.c | 23 ++++++++++++++++++++++-
- 1 file changed, 22 insertions(+), 1 deletion(-)
-
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index ff9ce6b..4ae93f1 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds)
- 	return (ncallbacks_found);
- }
- 
-+/*
-+ * This is really a helper function defined in libtirpc, 
-+ * but unfortunately, it hasn't been exported yet.
-+ */
-+static struct netbuf *
-+__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len)
-+{
-+	if (nb->len != len) {
-+		if (nb->len)
-+			mem_free(nb->buf, nb->len);
-+		nb->buf = mem_alloc(len);
-+		if (nb->buf == NULL)
-+			return NULL;
-+
-+		nb->maxlen = nb->len = len;
-+	}
-+	memcpy(nb->buf, ptr, len);
-+	return nb;
-+}
-+
- static void
- xprt_set_caller(SVCXPRT *xprt, struct finfo *fi)
- {
-+	const struct netbuf *caller = fi->caller_addr;
- 	u_int32_t *xidp;
- 
--	*(svc_getrpccaller(xprt)) = *(fi->caller_addr);
-+	__rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len);
- 	xidp = __rpcb_get_dg_xidp(xprt);
- 	*xidp = fi->caller_xid;
- }
--- 
-2.6.4
-
diff --git a/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch b/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch
new file mode 100644
index 000000000..060614cc9
--- /dev/null
+++ b/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch
@@ -0,0 +1,218 @@
+From 7ea36eeece56b59f98e469934e4c20b4da043346 Mon Sep 17 00:00:00 2001
+From: Doran Moppert <dmoppert@redhat.com>
+Date: Thu, 11 May 2017 11:42:54 -0400
+Subject: [PATCH 2/6] rpcbind: pair all svc_getargs() calls with svc_freeargs()
+ to avoid memory leak
+
+This patch is to address CVE-2017-8779 "rpcbomb" in rpcbind, discussed
+at [1], [2], [3].  The last link suggests this issue is actually a bug
+in rpcbind, which led me here.
+
+The leak caused by the reproducer at [4] appears to come from
+rpcb_service_4(), in the case where svc_getargs() returns false and the
+function had an early return, rather than passing through the cleanup
+path at done:, as would otherwise occur.
+
+It also addresses a couple of other locations where the same fault seems
+to exist, though I haven't been able to exercise those.  I hope someone
+more intimate with rpc(3) can confirm my understanding is correct, and
+that I haven't introduced any new bugs.
+
+Without this patch, using the reproducer (and variants) repeatedly
+against rpcbind with a numBytes argument of 1_000_000_000, /proc/$(pidof
+rpcbind)/status reports VmSize increase of 976564 kB each call, and
+VmRSS increase of around 260 kB every 33 calls - the specific numbers
+are probably an artifact of my rhel/glibc version.  With the patch,
+there is a small (~50 kB) VmSize increase with the first message, but
+thereafter both VmSize and VmRSS remain steady.
+
+[1]: http://seclists.org/oss-sec/2017/q2/209
+[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1448124
+[3]: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html
+[4]: https://github.com/guidovranken/rpcbomb/
+
+Signed-off-by: Doran Moppert <dmoppert@redhat.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/pmap_svc.c     | 56 +++++++++++++++++++++++++++++++++++++++++++++---------
+ src/rpcb_svc.c     |  2 +-
+ src/rpcb_svc_4.c   |  2 +-
+ src/rpcb_svc_com.c |  8 ++++++++
+ 4 files changed, 57 insertions(+), 11 deletions(-)
+
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index 4c744fe..e926cdc 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -175,6 +175,7 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
+ 	long ans;
+ 	uid_t uid;
+ 	char uidbuf[32];
++	int rc = TRUE;
+ 
+ 	/*
+ 	 * Can't use getpwnam here. We might end up calling ourselves
+@@ -194,7 +195,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
+ 
+ 	if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
+ 		svcerr_decode(xprt);
+-		return (FALSE);
++		rc = FALSE;
++		goto done;
+ 	}
+ #ifdef RPCBIND_DEBUG
+ 	if (debugging)
+@@ -205,7 +207,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
+ 
+ 	if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) {
+ 		svcerr_weakauth(xprt);
+-		return (FALSE);
++		rc = (FALSE);
++		goto done;
+ 	}
+ 
+ 	rpcbreg.r_prog = reg.pm_prog;
+@@ -258,7 +261,16 @@ done_change:
+ 		rpcbs_set(RPCBVERS_2_STAT, ans);
+ 	else
+ 		rpcbs_unset(RPCBVERS_2_STAT, ans);
+-	return (TRUE);
++done:
++	if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
++		if (debugging) {
++			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
++			if (doabort) {
++				rpcbind_abort();
++			}
++		}
++	}
++	return (rc);
+ }
+ 
+ /* ARGSUSED */
+@@ -272,15 +284,18 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ #ifdef RPCBIND_DEBUG
+ 	char *uaddr;
+ #endif
++	int rc = TRUE;
+ 
+ 	if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
+ 		svcerr_decode(xprt);
+-		return (FALSE);
++		rc = FALSE;
++		goto done;
+ 	}
+ 
+ 	if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) {
+ 		svcerr_weakauth(xprt);
+-		return FALSE;
++		rc = FALSE;
++		goto done;
+ 	}
+ 
+ #ifdef RPCBIND_DEBUG
+@@ -330,21 +345,34 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ 		pmap_ipprot2netid(reg.pm_prot) ?: "<unknown>",
+ 		port ? udptrans : "");
+ 
+-	return (TRUE);
++done:
++	if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
++		if (debugging) {
++			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
++			if (doabort) {
++				rpcbind_abort();
++			}
++		}
++	}
++	return (rc);
+ }
+ 
+ /* ARGSUSED */
+ static bool_t
+ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ {
++	int rc = TRUE;
++
+ 	if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) {
+ 		svcerr_decode(xprt);
+-		return (FALSE);
++		rc = FALSE;
++		goto done;
+ 	}
+ 
+ 	if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) {
+ 		svcerr_weakauth(xprt);
+-		return FALSE;
++		rc = FALSE;
++		goto done;
+ 	}
+ 	
+ 	if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr,
+@@ -354,7 +382,17 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ 			rpcbind_abort();
+ 		}
+ 	}
+-	return (TRUE);
++
++done:
++	if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
++		if (debugging) {
++			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
++			if (doabort) {
++				rpcbind_abort();
++			}
++		}
++	}
++	return (rc);
+ }
+ 
+ int pmap_netid2ipprot(const char *netid)
+diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
+index 709e3fb..091f530 100644
+--- a/src/rpcb_svc.c
++++ b/src/rpcb_svc.c
+@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
+ 		svcerr_decode(transp);
+ 		if (debugging)
+ 			(void) xlog(LOG_DEBUG, "rpcbind: could not decode");
+-		return;
++		goto done;
+ 	}
+ 
+ 	if (rqstp->rq_proc == RPCBPROC_SET
+diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
+index 5094879..eebbbbe 100644
+--- a/src/rpcb_svc_4.c
++++ b/src/rpcb_svc_4.c
+@@ -218,7 +218,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
+ 		svcerr_decode(transp);
+ 		if (debugging)
+ 			(void) xlog(LOG_DEBUG, "rpcbind: could not decode\n");
+-		return;
++		goto done;
+ 	}
+ 
+ 	if (rqstp->rq_proc == RPCBPROC_SET
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..cb63afd 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -927,6 +927,14 @@ error:
+ 	if (call_msg.rm_xid != 0)
+ 		(void) free_slot_by_xid(call_msg.rm_xid);
+ out:
++	if (!svc_freeargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
++		if (debugging) {
++			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
++			if (doabort) {
++				rpcbind_abort();
++			}
++		}
++	}
+ 	if (local_uaddr)
+ 		free(local_uaddr);
+ 	if (buf_alloc)
+-- 
+2.13.0
+
diff --git a/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch b/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
deleted file mode 100644
index 9aa64791a..000000000
--- a/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Mon, 2 Nov 2015 17:05:18 -0500
-Subject: [PATCH 3/4] handle_reply: Don't use the xp_auth pointer directly
-
-In the latest libtirpc version to access the xp_auth
-one must use the SVC_XP_AUTH macro. To be backwards
-compatible a couple ifdefs were added to use the
-macro when it exists.
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/rpcb_svc_com.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index 4ae93f1..22d6c84 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
- 	a.rmt_localvers = fi->versnum;
- 
- 	xprt_set_caller(xprt, fi);
-+#if defined(SVC_XP_AUTH)
-+	SVC_XP_AUTH(xprt) = svc_auth_none;
-+#else 
- 	xprt->xp_auth = &svc_auth_none;
-+#endif
- 	svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
-+#if !defined(SVC_XP_AUTH)
- 	SVCAUTH_DESTROY(xprt->xp_auth);
- 	xprt->xp_auth = NULL;
-+#endif
-+
- done:
- 	if (buffer)
- 		free(buffer);
--- 
-2.6.4
-
diff --git a/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch b/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
new file mode 100644
index 000000000..6cf885ac4
--- /dev/null
+++ b/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
@@ -0,0 +1,29 @@
+From c49a7ea639eb700823e174fd605bbbe183e229aa Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Wed, 17 May 2017 10:52:25 -0400
+Subject: [PATCH 3/6] pmapproc_dump: Fixed typo in memory leak patch
+
+commit 7ea36eee introduce a typo that caused
+NIS (aka ypbind) to fail.
+
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/pmap_svc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index e926cdc..26c31d0 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -384,7 +384,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ 	}
+ 
+ done:
+-	if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
++	if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) {
+ 		if (debugging) {
+ 			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ 			if (doabort) {
+-- 
+2.13.0
+
diff --git a/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch b/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch
deleted file mode 100644
index c54d542e7..000000000
--- a/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 3a664b1b5a310df39bd0f325b0edb1deb31c2249 Mon Sep 17 00:00:00 2001
-From: Laurent Bigonville <bigon@bigon.be>
-Date: Wed, 18 Nov 2015 14:34:26 -0500
-Subject: [PATCH 4/4] Delete the unix socket only if we have created it
-
-From: Laurent Bigonville <bigon@bigon.be>
-
-If systemd has created the unix socket on our behalf, we shouldn't try
-to delete it.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1279076
-
-Signed-off-by: Laurent Bigonville <bigon@bigon.be
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/rpcbind.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/rpcbind.c b/src/rpcbind.c
-index 045daa1..c4265cd 100644
---- a/src/rpcbind.c
-+++ b/src/rpcbind.c
-@@ -87,6 +87,7 @@ static inline void __nss_configure_lookup(const char *db, const char *s) {}
- int debugging = 0;	/* Tell me what's going on */
- int doabort = 0;	/* When debugging, do an abort on errors */
- int dofork = 1;		/* fork? */
-+int createdsocket = 0;  /* Did I create the socket or systemd did it for me? */
- 
- rpcblist_ptr list_rbl;	/* A list of version 3/4 rpcbind services */
- 
-@@ -445,6 +446,7 @@ init_transport(struct netconfig *nconf)
- 		memset(&sun, 0, sizeof sun);
- 		sun.sun_family = AF_LOCAL;
- 		unlink(_PATH_RPCBINDSOCK);
-+		createdsocket = 1; /* We are now in the process of creating the unix socket */
- 		strcpy(sun.sun_path, _PATH_RPCBINDSOCK);
- 		addrlen = SUN_LEN(&sun);
- 		sa = (struct sockaddr *)&sun;
-@@ -846,7 +848,8 @@ static void
- terminate(int dummy /*__unused*/)
- {
- 	close(rpcbindlockfd);
--	unlink(_PATH_RPCBINDSOCK);
-+	if(createdsocket)
-+		unlink(_PATH_RPCBINDSOCK);
- 	unlink(RPCBINDDLOCK);
- #ifdef WARMSTART
- 	write_warmstart();	/* Dump yourself */
--- 
-2.6.4
-
diff --git a/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch b/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch
new file mode 100644
index 000000000..f7c307942
--- /dev/null
+++ b/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch
@@ -0,0 +1,69 @@
+From c0e38c9fd1b2c6785af90c86b26a07724c2488e8 Mon Sep 17 00:00:00 2001
+From: Nick Alcock <nick.alcock@oracle.com>
+Date: Thu, 25 May 2017 12:45:35 -0400
+Subject: [PATCH 4/6] rpcbind: fix building without --enable-debug
+
+All if (debugging) stanzas and their accompanying xlog()s and aborts
+should be within #ifdef RPCBIND_DEBUG.
+
+Fixes a compilation failure due to non-inclusion of <syslog.h> in the
+non-debugging case.
+
+Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/pmap_svc.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/pmap_svc.c b/src/pmap_svc.c
+index 26c31d0..a53dd5f 100644
+--- a/src/pmap_svc.c
++++ b/src/pmap_svc.c
+@@ -263,12 +263,14 @@ done_change:
+ 		rpcbs_unset(RPCBVERS_2_STAT, ans);
+ done:
+ 	if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
++#ifdef RPCBIND_DEBUG
+ 		if (debugging) {
+ 			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ 			if (doabort) {
+ 				rpcbind_abort();
+ 			}
+ 		}
++#endif
+ 	}
+ 	return (rc);
+ }
+@@ -347,12 +349,14 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ 
+ done:
+ 	if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
++#ifdef RPCBIND_DEBUG
+ 		if (debugging) {
+ 			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ 			if (doabort) {
+ 				rpcbind_abort();
+ 			}
+ 		}
++#endif
+ 	}
+ 	return (rc);
+ }
+@@ -385,12 +389,14 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
+ 
+ done:
+ 	if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) {
++#ifdef RPCBIND_DEBUG
+ 		if (debugging) {
+ 			(void) xlog(LOG_DEBUG, "unable to free arguments\n");
+ 			if (doabort) {
+ 				rpcbind_abort();
+ 			}
+ 		}
++#endif
+ 	}
+ 	return (rc);
+ }
+-- 
+2.13.0
+
diff --git a/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch b/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
new file mode 100644
index 000000000..ff42c9e43
--- /dev/null
+++ b/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
@@ -0,0 +1,96 @@
+From 7c7590ad536c0e24bef790cb1e65702fc54db566 Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Tue, 30 May 2017 11:27:22 -0400
+Subject: [PATCH 5/6] rpcbproc_callit_com: Stop freeing a static pointer
+
+commit 7ea36ee introduced a svc_freeargs() call
+that ended up freeing static pointer.
+
+It turns out the allocations for the rmt_args
+is not necessary . The xdr routines (xdr_bytes) will
+handle the memory management and the largest
+possible message size is UDPMSGSIZE (due to UDP only)
+which is smaller than RPC_BUF_MAX
+
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcb_svc_com.c | 39 ++++++---------------------------------
+ 1 file changed, 6 insertions(+), 33 deletions(-)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index cb63afd..1fc2229 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -612,9 +612,9 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 	struct netconfig *nconf;
+ 	struct netbuf *caller;
+ 	struct r_rmtcall_args a;
+-	char *buf_alloc = NULL, *outbufp;
++	char *outbufp;
+ 	char *outbuf_alloc = NULL;
+-	char buf[RPC_BUF_MAX], outbuf[RPC_BUF_MAX];
++	char  outbuf[RPC_BUF_MAX];
+ 	struct netbuf *na = (struct netbuf *) NULL;
+ 	struct rpc_msg call_msg;
+ 	int outlen;
+@@ -635,36 +635,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 	}
+ 	if (si.si_socktype != SOCK_DGRAM)
+ 		return;	/* Only datagram type accepted */
+-	sendsz = __rpc_get_t_size(si.si_af, si.si_proto, UDPMSGSIZE);
+-	if (sendsz == 0) {	/* data transfer not supported */
+-		if (reply_type == RPCBPROC_INDIRECT)
+-			svcerr_systemerr(transp);
+-		return;
+-	}
+-	/*
+-	 * Should be multiple of 4 for XDR.
+-	 */
+-	sendsz = ((sendsz + 3) / 4) * 4;
+-	if (sendsz > RPC_BUF_MAX) {
+-#ifdef	notyet
+-		buf_alloc = alloca(sendsz);		/* not in IDR2? */
+-#else
+-		buf_alloc = malloc(sendsz);
+-#endif	/* notyet */
+-		if (buf_alloc == NULL) {
+-			if (debugging)
+-				xlog(LOG_DEBUG,
+-					"rpcbproc_callit_com:  No Memory!\n");
+-			if (reply_type == RPCBPROC_INDIRECT)
+-				svcerr_systemerr(transp);
+-			return;
+-		}
+-		a.rmt_args.args = buf_alloc;
+-	} else {
+-		a.rmt_args.args = buf;
+-	}
++	sendsz = UDPMSGSIZE;
+ 
+ 	call_msg.rm_xid = 0;	/* For error checking purposes */
++	memset(&a, 0, sizeof(a)); /* Zero out the input buffer */
+ 	if (!svc_getargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
+ 		if (reply_type == RPCBPROC_INDIRECT)
+ 			svcerr_decode(transp);
+@@ -704,7 +678,8 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 	if (rbl == (rpcblist_ptr)NULL) {
+ #ifdef RPCBIND_DEBUG
+ 		if (debugging)
+-			xlog(LOG_DEBUG, "not found\n");
++			xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n", 
++				a.rmt_prog, a.rmt_vers);
+ #endif
+ 		if (reply_type == RPCBPROC_INDIRECT)
+ 			svcerr_noprog(transp);
+@@ -937,8 +912,6 @@ out:
+ 	}
+ 	if (local_uaddr)
+ 		free(local_uaddr);
+-	if (buf_alloc)
+-		free(buf_alloc);
+ 	if (outbuf_alloc)
+ 		free(outbuf_alloc);
+ 	if (na) {
+-- 
+2.13.2
+
diff --git a/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch b/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch
new file mode 100644
index 000000000..1a0aa6cfb
--- /dev/null
+++ b/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch
@@ -0,0 +1,96 @@
+From 1e2ddd4ebd7a9266e6070f275fa35752752fdfd6 Mon Sep 17 00:00:00 2001
+From: Steve Dickson <steved@redhat.com>
+Date: Tue, 30 May 2017 11:29:58 -0400
+Subject: [PATCH 6/6] rpcbproc_callit_com: No need to allocate output buffer
+
+Now that sendz is a fixed size (UDPMSGSIZE) which
+is small then RPC_BUF_MAX, no need to check the
+sendz size.
+
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ src/rpcb_svc_com.c | 33 +++++----------------------------
+ 1 file changed, 5 insertions(+), 28 deletions(-)
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 1fc2229..d36b090 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -612,8 +612,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 	struct netconfig *nconf;
+ 	struct netbuf *caller;
+ 	struct r_rmtcall_args a;
+-	char *outbufp;
+-	char *outbuf_alloc = NULL;
+ 	char  outbuf[RPC_BUF_MAX];
+ 	struct netbuf *na = (struct netbuf *) NULL;
+ 	struct rpc_msg call_msg;
+@@ -674,7 +672,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 
+ 	rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers,
+ 			a.rmt_proc, transp->xp_netid, rbl);
+-
+ 	if (rbl == (rpcblist_ptr)NULL) {
+ #ifdef RPCBIND_DEBUG
+ 		if (debugging)
+@@ -793,24 +790,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 	call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION;
+ 	call_msg.rm_call.cb_prog = a.rmt_prog;
+ 	call_msg.rm_call.cb_vers = a.rmt_vers;
+-	if (sendsz > RPC_BUF_MAX) {
+-#ifdef	notyet
+-		outbuf_alloc = alloca(sendsz);	/* not in IDR2? */
+-#else
+-		outbuf_alloc = malloc(sendsz);
+-#endif	/* notyet */
+-		if (outbuf_alloc == NULL) {
+-			if (reply_type == RPCBPROC_INDIRECT)
+-				svcerr_systemerr(transp);
+-			if (debugging)
+-				xlog(LOG_DEBUG,
+-				"rpcbproc_callit_com:  No memory!\n");
+-			goto error;
+-		}
+-		xdrmem_create(&outxdr, outbuf_alloc, sendsz, XDR_ENCODE);
+-	} else {
+-		xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE);
+-	}
++
++	memset(outbuf, '\0', sendsz); /* Zero out the output buffer */
++	xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE);
++
+ 	if (!xdr_callhdr(&outxdr, &call_msg)) {
+ 		if (reply_type == RPCBPROC_INDIRECT)
+ 			svcerr_systemerr(transp);
+@@ -875,10 +858,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 		goto error;
+ 	}
+ 	outlen = (int) XDR_GETPOS(&outxdr);
+-	if (outbuf_alloc)
+-		outbufp = outbuf_alloc;
+-	else
+-		outbufp = outbuf;
+ 
+ 	na = uaddr2taddr(nconf, local_uaddr);
+ 	if (!na) {
+@@ -887,7 +866,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
+ 		goto error;
+ 	}
+ 
+-	if (sendto(fd, outbufp, outlen, 0, (struct sockaddr *)na->buf, na->len)
++	if (sendto(fd, outbuf, outlen, 0, (struct sockaddr *)na->buf, na->len)
+ 	    != outlen) {
+ 		if (debugging)
+ 			xlog(LOG_DEBUG,
+@@ -912,8 +891,6 @@ out:
+ 	}
+ 	if (local_uaddr)
+ 		free(local_uaddr);
+-	if (outbuf_alloc)
+-		free(outbuf_alloc);
+ 	if (na) {
+ 		free(na->buf);
+ 		free(na);
+-- 
+2.13.2
+
diff --git a/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch b/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch
deleted file mode 100644
index 946dd1bd1..000000000
--- a/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch
+++ /dev/null
@@ -1,25 +0,0 @@
---- rpcbind-0.2.3/man/rpcbind.8	2015-04-27 16:07:43.000000000 +0200
-+++ rpcbind-0.2.3/man/rpcbind.8	2015-09-22 16:25:40.000000000 +0200
-@@ -132,11 +132,20 @@
- .It Fl w
- Cause
- .Nm
--to do a "warm start" by read a state file when
-+to do a "warm start" by attempting to read *.xdr state files from the
-+state directory
-+.%T /var/state/rpcbind
-+when
- .Nm
--starts up. The state file is created when
-+starts up. The state files are created when
- .Nm
- terminates.
-+.Pp
-+This allows for restarting
-+.Nm
-+without the need to restart all RPC services that have previously registered.
-+The state file serves similar purpose like the file created/restored by
-+pmap_dump and pmap_set utilities, distributed with old portmap server package.
- .El
- .Sh NOTES
- All RPC servers must be restarted if
diff --git a/source/n/rpcbind/doinst.sh b/source/n/rpcbind/doinst.sh
index 5f7dfaf55..67027941c 100644
--- a/source/n/rpcbind/doinst.sh
+++ b/source/n/rpcbind/doinst.sh
@@ -21,4 +21,5 @@ preserve_perms() {
   config $NEW
 }
 
+config etc/default/rpc.new
 preserve_perms etc/rc.d/rc.rpc.new
diff --git a/source/n/rpcbind/rc.rpc b/source/n/rpcbind/rc.rpc
index c850c5560..a140d569c 100644
--- a/source/n/rpcbind/rc.rpc
+++ b/source/n/rpcbind/rc.rpc
@@ -9,15 +9,36 @@
 # To run an NFS server, starting these is mandatory.
 #
 
+# Source default settings:
+if [ -r /etc/default/rpc ]; then
+  . /etc/default/rpc
+fi
+
 rpc_start() {
   if [ -x /sbin/rpcbind -a -x /sbin/rpc.statd ]; then
+    # Set up port for lockd:
+    if [ -n "$LOCKD_TCP_PORT" ]; then
+      /sbin/sysctl -w "fs.nfs.nlm_tcpport=$LOCKD_TCP_PORT" >/dev/null 2>&1
+    fi
+    if [ -n "$LOCKD_UDP_PORT" ]; then
+      /sbin/sysctl -w "fs.nfs.nlm_udpport=$LOCKD_UDP_PORT" >/dev/null 2>&1
+    fi
     if ! ps axc | grep -q rpcbind ; then
-      echo "Starting RPC portmapper:  /sbin/rpcbind -l $1"
-      /sbin/rpcbind -l $1
+      echo "Starting RPC portmapper:  /sbin/rpcbind -l $* $RPCBIND_OPTS"
+      /sbin/rpcbind -l "$@" $RPCBIND_OPTS
     fi
     if ! ps axc | grep -q rpc.statd ; then
-      echo "Starting RPC NSM (Network Status Monitor):  /sbin/rpc.statd"
-      /sbin/rpc.statd
+      if [ -n "$RPC_STATD_HOSTNAME" ]; then
+        RPC_STATD_OPTS="$RPC_STATD_OPTS -n $RPC_STATD_HOSTNAME"
+      fi
+      if [ -n "$RPC_STATD_PORT" ]; then
+        RPC_STATD_OPTS="$RPC_STATD_OPTS -p $RPC_STATD_PORT"
+      fi
+      if [ -n "$RPC_STATD_OUTGOING_PORT" ]; then
+        RPC_STATD_OPTS="$RPC_STATD_OPTS -o $RPC_STATD_OUTGOING_PORT"
+      fi
+      echo "Starting RPC NSM (Network Status Monitor):  /sbin/rpc.statd $RPC_STATD_OPTS"
+      /sbin/rpc.statd $RPC_STATD_OPTS
     fi
   else
     echo "WARNING:  Cannot start RPC daemons needed for NFS.  One or more of"
diff --git a/source/n/rpcbind/rpc.default b/source/n/rpcbind/rpc.default
new file mode 100644
index 000000000..e820fae85
--- /dev/null
+++ b/source/n/rpcbind/rpc.default
@@ -0,0 +1,29 @@
+# See also /etc/default/nfs
+
+# Optional arguments passed to rpcbind. See rpcbind(8)
+#RPCBIND_OPTS=""
+#
+# Optional arguments passed to rpc.statd. See rpc.statd(8)
+#RPC_STATD_OPTS=""
+# Optional hostname to start rpc.statd with.
+#RPC_STATD_HOSTNAME="darkstar"
+# Port rpc.statd should listen on.
+#RPC_STATD_PORT=32766
+# Outgoing port rpc.statd should use.
+#RPC_STATD_OUTGOING_PORT=32765
+#
+# Optional options passed to rquotad. See rquotad(8)
+#RPC_RQUOTAD_OPTS=""
+# Optional port rquotad should listen on:
+#RPC_RQUOTAD_PORT=32769
+#
+# TCP port rpc.lockd should listen on:
+#LOCKD_TCP_PORT=32768
+# UDP port rpc.lockd should listen on:
+#LOCKD_UDP_PORT=32768
+#
+# Optional arguments passed to rpc.mountd. See rpc.mountd(8)
+#RPC_MOUNTD_OPTS=""
+# Port rpc.mountd should listen on:
+#RPC_MOUNTD_PORT=32767
+#
diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild
index d10f5852f..4006dfd76 100755
--- a/source/n/rpcbind/rpcbind.SlackBuild
+++ b/source/n/rpcbind/rpcbind.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2015, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=rpcbind
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,6 +37,14 @@ if [ -z "$ARCH" ]; then
   export ARCH
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i386" ]; then
@@ -64,7 +73,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -73,18 +81,25 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 
-zcat $CWD/0001-security.c-removed-warning.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/01.rpcbind-manpage-statefile-explanation.patch.gz | patch -p1 --verbose || exit 1
+# CVE-2017-8779
+zcat $CWD/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0004-rpcbind-fix-building-without-enable-debug.patch.gz | patch -p1 --verbose || exit 1
+
+# Fixes from git master
+zcat $CWD/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch.gz | patch -p1 --verbose || exit 1
+
+zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch | patch -p1 --verbose || exit 1
 zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1
 
-# This is needed after the patch above:
+
+# This is needed after the libwrap patch above:
 autoreconf -vif || exit 1
+./autogen.sh
 
 chown -R root:root .
 find . \
@@ -103,8 +118,8 @@ CFLAGS="$SLKCFLAGS" \
   --mandir=/usr/man \
   --enable-libwrap \
   --enable-warmstarts \
-  --with-statedir=/var/state/rpcbind \
-  --with-rpcuser=bin \
+  --with-statedir=/var/run/rpcbind \
+  --with-rpcuser=rpc \
   --with-nss-modules="files" \
   --without-systemdsystemunitdir \
   --build=$ARCH-slackware-linux || exit 1
@@ -113,14 +128,18 @@ CFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
-# Make state directory:
-mkdir -p $PKG/var/state/rpcbind
-chown bin:root $PKG/var/state/rpcbind
+# Make state directory (not really needed as rpcbind does this on startup)
+mkdir -p $PKG/var/run/rpcbind
+chown rpc:root $PKG/var/run/rpcbind
 
 # Install init script:
 mkdir -p $PKG/etc/rc.d
 zcat $CWD/rc.rpc.gz > $PKG/etc/rc.d/rc.rpc.new
 
+# Install defaults file:
+mkdir -p $PKG/etc/default
+cat $CWD/rpc.default > $PKG/etc/default/rpc.new
+
 # Strip binaries:
 ( cd $PKG
   find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
diff --git a/source/n/rpcbind/slack-desc b/source/n/rpcbind/slack-desc
index 70adeb78d..48c27820b 100644
--- a/source/n/rpcbind/slack-desc
+++ b/source/n/rpcbind/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
@@ -10,10 +10,10 @@ rpcbind: rpcbind (a daemon to manage RPC connections)
 rpcbind:
 rpcbind: This is a network daemon used to manage connections to RPC services.
 rpcbind: It is meant as a replacement for the 'rpc.portmap' server from the
-rpcbind: 'portmap' package.  Daemons that offer RPC services (such as the
+rpcbind: 'portmap' package. Daemons that offer RPC services (such as the
 rpcbind: daemons for NFS) tell the rpcbind on what port they listen.
 rpcbind: RPC network port numbers may change each time the system is booted.
 rpcbind:
 rpcbind: This package is required to use NFS or other RPC services.
 rpcbind:
-rpcbind: Homepage:  http://sourceforge.net/projects/rpcbind/
+rpcbind: Homepage: http://sourceforge.net/projects/rpcbind/
diff --git a/source/n/rsync/rsync.SlackBuild b/source/n/rsync/rsync.SlackBuild
index 767ad5068..cba7a17c0 100755
--- a/source/n/rsync/rsync.SlackBuild
+++ b/source/n/rsync/rsync.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=rsync
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
@@ -45,7 +54,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-rsync
 rm -rf $PKG
@@ -53,7 +61,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf rsync-$VERSION
-tar xvf $CWD/rsync-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/rsync-$VERSION.tar.?z || exit 1
 cd rsync-$VERSION || exit 1
 
 chown -R root:root .
@@ -66,23 +74,33 @@ find . \
 CFLAGS="$SLKCFLAGS" \
 ./configure \
   --prefix=/usr \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
-
-mkdir -p $PKG/usr/bin
-cat rsync > $PKG/usr/bin/rsync
-chmod 755 $PKG/usr/bin/rsync
-
-mkdir -p $PKG/usr/man/man1
-cat rsync.1 | gzip -9c > $PKG/usr/man/man1/rsync.1.gz
-
-mkdir -p $PKG/usr/man/man5
-cat rsyncd.conf.5 | gzip -9c > $PKG/usr/man/man5/rsyncd.conf.5.gz
+make install DESTDIR=$PKG || exit
+
+mv $PKG/usr/share/man $PKG/usr
+rmdir $PKG/usr/share
+
+# Compress and link manpages, if any:
+if [ -d $PKG/usr/man ]; then
+  ( cd $PKG/usr/man
+    for manpagedir in $(find . -type d -name "man*") ; do
+      ( cd $manpagedir
+        for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do
+          ln -s $( readlink $eachpage ).gz $eachpage.gz
+          rm $eachpage
+        done
+        gzip -9 *.?
+      )
+    done
+  )
+fi
 
 mkdir -p $PKG/usr/doc/rsync-$VERSION/popt
 cp -a \
   COPYING* INSTALL NEWS README* TODO tech_report.tex \
+  support \
   $PKG/usr/doc/rsync-$VERSION
 ( cd popt
   cp -a CHANGES COPYING README README.rsync $PKG/usr/doc/rsync-$VERSION/popt
diff --git a/source/n/rsync/slack-desc b/source/n/rsync/slack-desc
index 7e3b7089a..1b04b3b74 100644
--- a/source/n/rsync/slack-desc
+++ b/source/n/rsync/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 rsync: rsync (remote file sync)
 rsync:
-rsync: rsync is a replacement for rcp that has many more features.  It
+rsync: rsync is a replacement for rcp that has many more features. It
 rsync: uses the "rsync algorithm" which provides a very fast method for
-rsync: bringing remote files into sync.  It does this by sending just the
+rsync: bringing remote files into sync. It does this by sending just the
 rsync: differences in the files across the link, without requiring that both
 rsync: sets of files are present at one of the ends of the link beforehand.
 rsync: rsync was written by Andrew Tridgell and Paul Mackerras.
 rsync:
-rsync: Homepage:  http://rsync.samba.org
+rsync: Homepage: http://rsync.samba.org
 rsync:
diff --git a/source/n/samba/pytalloc-util.pc b/source/n/samba/pytalloc-util.pc
deleted file mode 100644
index 800a9a815..000000000
--- a/source/n/samba/pytalloc-util.pc
+++ /dev/null
@@ -1,11 +0,0 @@
-prefix=/usr
-exec_prefix=${prefix}
-libdir=${prefix}/lib
-includedir=${prefix}/include
-
-Name: pytalloc-util
-Description: Utility functions for using talloc objects with Python
-Version: 2.0.8
-Libs: -L${libdir} -lpytalloc-util
-Cflags: -Wl,-rpath,/usr/lib -I${includedir}
-URL: http://talloc.samba.org/
diff --git a/source/n/samba/samba.SlackBuild b/source/n/samba/samba.SlackBuild
index a7406724d..caaa4d195 100755
--- a/source/n/samba/samba.SlackBuild
+++ b/source/n/samba/samba.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012, 2013, 2015, 2016  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2012, 2013, 2015, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -22,9 +22,11 @@
 
 # Modified 2012 by Eric Hameleers <alien at slackware.com> for ARM port.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=${VERSION:-$(echo samba-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3}
+PKGNAM=samba
+VERSION=${VERSION:-$(echo samba-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-1}
 
 if [ -e $CWD/machine.conf ]; then
   . $CWD/machine.conf ]
@@ -56,34 +58,31 @@ else
   fi
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 case "$ARCH" in
     arm*) TARGET=$ARCH-slackware-linux-gnueabi ;;
     *)    TARGET=$ARCH-slackware-linux ;;
 esac
 
-CWD=$(pwd)
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-samba
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
-if [ -r /usr/lib${LIBDIRSUFFIX}/libtalloc.so.? -a ! -r /var/log/packages/talloc* ]; then
-  echo "The Samba package needs to be removed before building to ensure that"
-  echo "talloc (and possibly other bundled libraries) are included in the build."
-  echo
-  echo "Removing the Samba package in 15 seconds, and then continuing with the build."
-  sleep 15
-  removepkg samba
-fi
-
 cd $TMP
 rm -rf samba-$VERSION
-tar xvf $CWD/samba-$VERSION.tar.xz || exit 1
+tar xvf $CWD/samba-$VERSION.tar.?z || exit 1
 cd samba-$VERSION || exit 1
 
-# Patch to install talloc/tevent/tdb libraries and includes:
-zcat $CWD/samba.install.talloc.tevent.tdb.diff.gz | patch -p1 --verbose || exit 1
-
 if [ ! -d source3/lib/cmdline ]; then
   ( cd source3/lib
     mkdir cmdline
@@ -132,16 +131,24 @@ CFLAGS="$SLKCFLAGS" \
   --with-ldap \
   --with-ads \
   --without-pam \
-  --build=$TARGET
+  --build=$TARGET || exit 1
   # Gives errors:
   #--builtin-libraries=replace,ccan \
   #--bundled-libraries=heimdal \
 
-# -j options don't seem to work... [Yes they do!  At least try to use -j below...]
-JOBS=6
-MAXJOBS=6
-export JOBS MAXJOBS
-make -j $MAXJOBS || make || exit 1
+# Build with waf directly so that multiple jobs work.
+# Script lifted from "./configure".
+PREVPATH=`dirname $0`
+WAF=./buildtools/bin/waf
+# using JOBS=1 gives maximum compatibility with
+# systems like AIX which have broken threading in python
+JOBS=$(echo $NUMJOBS | tr -dc '0-9')
+export JOBS
+# Make sure we don't have any library preloaded.
+unset LD_PRELOAD
+cd . || exit 1
+${PYTHON:=python} $WAF build "$@" || exit 1
+cd $PREVPATH
 
 mkdir -p \
          $PKG/usr/doc/samba-$VERSION \
diff --git a/source/n/samba/samba.install.talloc.tevent.tdb.diff b/source/n/samba/samba.install.talloc.tevent.tdb.diff
deleted file mode 100644
index 9410f2b71..000000000
--- a/source/n/samba/samba.install.talloc.tevent.tdb.diff
+++ /dev/null
@@ -1,102 +0,0 @@
---- ./lib/tevent/wscript.orig	2016-03-08 05:07:45.000000000 -0600
-+++ ./lib/tevent/wscript	2016-04-11 12:45:14.299532166 -0500
-@@ -92,11 +92,8 @@
-     if bld.CONFIG_SET('HAVE_SOLARIS_PORTS'):
-         SRC += ' tevent_port.c'
- 
--    if bld.env.standalone_tevent:
--        bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig'
--        private_library = False
--    else:
--        private_library = True
-+    bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig'
-+    private_library = False
- 
-     if not bld.CONFIG_SET('USING_SYSTEM_TEVENT'):
-         bld.SAMBA_LIBRARY('tevent',
---- ./lib/tdb/wscript.orig	2016-01-26 05:45:46.000000000 -0600
-+++ ./lib/tdb/wscript	2016-04-11 12:45:14.301532166 -0500
-@@ -117,11 +117,8 @@
- 
-     COMMON_SRC = bld.SUBDIR('common', COMMON_FILES)
- 
--    if bld.env.standalone_tdb:
--        bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig'
--        private_library = False
--    else:
--        private_library = True
-+    bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig'
-+    private_library = False
- 
-     if not bld.CONFIG_SET('USING_SYSTEM_TDB'):
- 
---- ./lib/talloc/wscript.orig	2016-04-11 12:45:14.295532166 -0500
-+++ ./lib/talloc/wscript	2016-04-11 12:45:26.761531768 -0500
-@@ -77,41 +77,39 @@
- def build(bld):
-     bld.RECURSE('lib/replace')
- 
--    if bld.env.standalone_talloc:
--        bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig'
--        bld.env.TALLOC_VERSION = VERSION
--        private_library = False
--
--        # should we also install the symlink to libtalloc1.so here?
--        bld.SAMBA_LIBRARY('talloc-compat1-%s' % (VERSION),
--                          'compat/talloc_compat1.c',
--                          public_deps='talloc',
--                          soname='libtalloc.so.1',
--                          pc_files=[],
--                          public_headers=[],
--                          enabled=bld.env.TALLOC_COMPAT1)
--
--        testsuite_deps = 'talloc'
--        if bld.CONFIG_SET('HAVE_PTHREAD'):
--            testsuite_deps += ' pthread'
--
--        bld.SAMBA_BINARY('talloc_testsuite',
--                         'testsuite_main.c testsuite.c',
--                         testsuite_deps,
--                         install=False)
--
--        bld.SAMBA_BINARY('talloc_test_magic_differs_helper',
--                         'test_magic_differs_helper.c',
--                         'talloc', install=False)
-+    bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig'
-+    bld.env.TALLOC_VERSION = VERSION
-+    private_library = False
-+
-+    # should we also install the symlink to libtalloc1.so here?
-+    bld.SAMBA_LIBRARY('talloc-compat1-%s' % (VERSION),
-+                      'compat/talloc_compat1.c',
-+                      public_deps='talloc',
-+                      soname='libtalloc.so.1',
-+                      pc_files=[],
-+                      public_headers=[],
-+                      enabled=bld.env.TALLOC_COMPAT1)
-+
-+    testsuite_deps = 'talloc'
-+    if bld.CONFIG_SET('HAVE_PTHREAD'):
-+        testsuite_deps += ' pthread'
-+
-+    bld.SAMBA_BINARY('talloc_testsuite',
-+                     'testsuite_main.c testsuite.c',
-+                     testsuite_deps,
-+                     install=False)
-+
-+    bld.SAMBA_BINARY('talloc_test_magic_differs_helper',
-+                     'test_magic_differs_helper.c',
-+                     'talloc', install=False)
- 
--    else:
--        private_library = True
- 
-     if not bld.CONFIG_SET('USING_SYSTEM_TALLOC'):
- 
-         bld.SAMBA_LIBRARY('talloc',
-                           'talloc.c',
-                           deps='replace',
-+                          includes='.',
-                           abi_directory='ABI',
-                           abi_match='talloc* _talloc*',
-                           hide_symbols=True,
diff --git a/source/n/samba/samba.url b/source/n/samba/samba.url
new file mode 100644
index 000000000..ab8fd5143
--- /dev/null
+++ b/source/n/samba/samba.url
@@ -0,0 +1,2 @@
+https://download.samba.org/pub/samba/stable/samba-4.8.2.tar.gz
+https://download.samba.org/pub/samba/stable/samba-4.8.2.tar.asc
diff --git a/source/n/samba/slack-desc b/source/n/samba/slack-desc
index f4352c607..5080fd6cb 100644
--- a/source/n/samba/slack-desc
+++ b/source/n/samba/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 samba: samba (CIFS file and print server)
 samba:
-samba: Samba is a CIFS file and print server for CIFS clients.  It allows
+samba: Samba is a CIFS file and print server for CIFS clients. It allows
 samba: you to make file space or printers on a Samba host available to CIFS
 samba: clients (such as PCs running Windows).
 samba:
 samba: If you have any Windows file servers, you may be able to replace them
-samba: or supplement them with Samba.  One of Samba's big strengths is
+samba: or supplement them with Samba. One of Samba's big strengths is
 samba: integration, so you can use it to tie together your Linux hosts and
 samba: Windows PC clients.
 samba:
diff --git a/source/n/samba/smb.conf.default b/source/n/samba/smb.conf.default
index c41cfff60..45d6f10f5 100644
--- a/source/n/samba/smb.conf.default
+++ b/source/n/samba/smb.conf.default
@@ -33,7 +33,7 @@
 # domain controller", "classic backup domain controller", "active
 # directory domain controller".
 #
-# Most people will want "standalone sever" or "member server".
+# Most people will want "standalone server" or "member server".
 # Running as "active directory domain controller" will require first
 # running "samba-tool domain provision" to wipe databases and create a
 # new domain.
diff --git a/source/n/samba/smb.conf.default.orig b/source/n/samba/smb.conf.default.orig
index bb9c2e25e..2f2072090 100644
--- a/source/n/samba/smb.conf.default.orig
+++ b/source/n/samba/smb.conf.default.orig
@@ -33,7 +33,7 @@
 # domain controller", "classic backup domain controller", "active
 # directory domain controller".
 #
-# Most people will want "standalone sever" or "member server".
+# Most people will want "standalone server" or "member server".
 # Running as "active directory domain controller" will require first
 # running "samba-tool domain provision" to wipe databases and create a
 # new domain.
diff --git a/source/n/samba/smb.conf.diff b/source/n/samba/smb.conf.diff
index b08d2b12d..73688a8ac 100644
--- a/source/n/samba/smb.conf.diff
+++ b/source/n/samba/smb.conf.diff
@@ -1,5 +1,5 @@
---- smb.conf.default.orig	2013-06-13 04:21:02.000000000 -0500
-+++ smb.conf.default	2013-10-15 20:02:31.684043875 -0500
+--- smb.conf.default.orig	2017-01-11 01:55:14.000000000 -0600
++++ smb.conf.default	2017-03-23 14:18:05.114503416 -0500
 @@ -22,7 +22,7 @@
  #======================= Global Settings =====================================
  [global]
diff --git a/source/n/samba/talloc.pc b/source/n/samba/talloc.pc
deleted file mode 100644
index 125977d19..000000000
--- a/source/n/samba/talloc.pc
+++ /dev/null
@@ -1,11 +0,0 @@
-prefix=/usr
-exec_prefix=${prefix}
-libdir=${prefix}/lib
-includedir=${prefix}/include
-
-Name: talloc 
-Description: A hierarchical pool based memory system with destructors
-Version: 2.0.8
-Libs: -Wl,-rpath,/usr/lib -L${libdir} -ltalloc
-Cflags: -I${includedir} 
-URL: http://talloc.samba.org/
diff --git a/source/n/sendmail/SlackBuild-sendmail b/source/n/sendmail/SlackBuild-sendmail
deleted file mode 100755
index c37017462..000000000
--- a/source/n/sendmail/SlackBuild-sendmail
+++ /dev/null
@@ -1,168 +0,0 @@
-#!/bin/sh
-
-# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
-#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-VERSION=8.15.2
-BUILD=${BUILD:-2}
-
-# Automatically determine the architecture we're building on:
-if [ -z "$ARCH" ]; then
-  case "$( uname -m )" in
-    i?86) export ARCH=i586 ;;
-    arm*) export ARCH=arm ;;
-    # Unless $ARCH is already set, use uname -m for all other archs:
-       *) export ARCH=$( uname -m ) ;;
-  esac
-fi
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-sendmail
-
-if [ "$ARCH" = "i586" ]; then
-  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
-  LIBDIRSUFFIX=""
-elif [ "$ARCH" = "s390" ]; then
-  SLKCFLAGS="-O2"
-  LIBDIRSUFFIX=""
-elif [ "$ARCH" = "x86_64" ]; then
-  SLKCFLAGS="-O2 -fPIC"
-  LIBDIRSUFFIX="64"
-else
-  SLKCFLAGS="-O2"
-  LIBDIRSUFFIX=""
-fi
-
-rm -rf $PKG
-mkdir -p $TMP $PKG
-
-# Explode the package framework:
-cd $PKG
-explodepkg $CWD/_sendmail.tar.gz
-[ -n "${LIBDIRSUFFIX}" ] && mv $PKG/usr/lib $PKG/usr/lib${LIBDIRSUFFIX}
-
-echo "+=================+"
-echo "| sendmail.$VERSION |"
-echo "+=================+"
-OSCPU="`uname -srm | tr ' ' '.'`"
-cd $TMP
-rm -rf sendmail-$VERSION
-tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1
-cd sendmail-$VERSION
-
-chown -R root:root .
-find . \
-  \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-  -exec chmod 755 {} \; -o \
-  \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-  -exec chmod 644 {} \;
-
-# Add TLS support to the sendmail binary:
-cat $CWD/site.config.m4 > devtools/Site/site.config.m4
-
-# Build .cf files for Linux:
-cd $TMP/sendmail-$VERSION/cf/cf
-cp $CWD/*.mc .
-cp linux.uucp.mc config.mc
-sh Build config.cf
-mv config.cf $PKG/usr/share/sendmail/linux.uucp.cf
-cp sendmail-slackware.mc config.mc
-sh Build config.cf
-mv config.cf $PKG/usr/share/sendmail/sendmail-slackware.cf
-cp sendmail-slackware-tls.mc config.mc
-sh Build config.cf
-mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls.cf
-cp sendmail-slackware-tls-sasl.mc config.mc
-sh Build config.cf
-mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls-sasl.cf
-
-# Add a sample sendmail.cf:
-cat $PKG/usr/share/sendmail/sendmail-slackware.cf > $PKG/etc/mail/sendmail.cf.new
-cat submit.cf > $PKG/etc/mail/submit.cf.new
-
-cd $TMP/sendmail-$VERSION
-## All "Build" does is call make while screwing up the options  :-)
-## sh Build
-make O="$SLKCFLAGS"
-#O="$SLKCFLAGS" sh Build
-cat sendmail/mailq.1 | gzip -9c > $PKG/usr/man/man1/mailq.1.gz
-cat sendmail/newaliases.1 | gzip -9c > $PKG/usr/man/man1/newaliases.1.gz
-mkdir -p $PKG/usr/doc/sendmail-$VERSION
-cp -a \
-  FAQ INSTALL KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \
-  $PKG/usr/doc/sendmail-$VERSION
-( cd doc ; cp -a op $PKG/usr/doc/sendmail-$VERSION )
-
-cd obj.$OSCPU/sendmail
-cat sendmail > $PKG/usr/sbin/sendmail.new
-cat aliases.5 | gzip -9c > $PKG/usr/man/man5/aliases.5.gz
-cat sendmail.8 | gzip -9c > $PKG/usr/man/man8/sendmail.8.gz
-cat statistics > $PKG/etc/mail/statistics
-cat ../../sendmail/helpfile > $PKG/etc/mail/helpfile
-cd ../makemap
-cat makemap > $PKG/usr/sbin/makemap
-cat makemap.8 | gzip -9c > $PKG/usr/man/man8/makemap.8.gz
-cd ../mailstats
-cat mailstats > $PKG/usr/sbin/mailstats
-cat mailstats.8 | gzip -9c > $PKG/usr/man/man8/mailstats.8.gz
-cd ../praliases
-cat praliases > $PKG/usr/bin/praliases
-chmod 755 $PKG/usr/bin/praliases
-cat praliases.8 | gzip -9c > $PKG/usr/man/man8/praliases.8.gz
-cd ../rmail
-cat rmail > $PKG/usr/bin/rmail
-cat rmail.8 | gzip -9c > $PKG/usr/man/man8/rmail.8.gz
-cd ../smrsh
-cat smrsh > $PKG/usr/sbin/smrsh
-cat smrsh.8 | gzip -9c > $PKG/usr/man/man8/smrsh.8.gz
-cd ../mail.local
-cat mail.local > $PKG/usr/sbin/mail.local
-cat mail.local.8 | gzip -9c > $PKG/usr/man/man8/mail.local.8.gz
-cd ../vacation
-cat vacation > $PKG/usr/bin/vacation
-cat vacation.1 | gzip -9c > $PKG/usr/man/man1/vacation.1.gz
-cd ../editmap
-cat editmap > $PKG/usr/sbin/editmap
-cat editmap.8 | gzip -9c > $PKG/usr/man/man8/editmap.8.gz
-
-# Add libmilter:
-cd $TMP/sendmail-$VERSION/libmilter
-./Build
-cd ..
-mkdir -p $PKG/usr/include
-mkdir -p $PKG/usr/include/libmilter
-cp -a include/libmilter/mfapi.h $PKG/usr/include/libmilter
-cp -a include/libmilter/mfdef.h $PKG/usr/include/libmilter
-cp -a obj.*/libmilter/libmilter.a $PKG/usr/lib${LIBDIRSUFFIX}
-strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a
-chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a $PKG/usr/include/libmilter/*
-mkdir -p $PKG/usr/doc/sendmail-$VERSION/libmilter
-cp -a libmilter/README $PKG/usr/doc/sendmail-$VERSION/libmilter
-
-find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
-  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
-
-cat $CWD/slack-desc.sendmail > $PKG/install/slack-desc
-
-# Build the package:
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/sendmail-$VERSION-$ARCH-$BUILD.txz
-
diff --git a/source/n/sendmail/SlackBuild-sendmail-cf b/source/n/sendmail/SlackBuild-sendmail-cf
deleted file mode 100755
index 69d1fef2f..000000000
--- a/source/n/sendmail/SlackBuild-sendmail-cf
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/bin/sh
-
-# Copyright 2008, 2009, 2012, 2013, 2014, 2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
-#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-VERSION=8.15.2
-ARCH=noarch
-BUILD=${BUILD:-2}
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-sendmail-cf
-
-rm -rf $PKG
-mkdir -p $TMP $PKG
-
-echo "+====================+"
-echo "| sendmail.cf.$VERSION |"
-echo "+====================+"
-( cd $TMP/sendmail-$VERSION ; find . -name "*~" -print -exec rm {} \; )
-cd $PKG
-mkdir -p usr/share/sendmail/cf
-cd usr/share/sendmail/cf
-cp -a $TMP/sendmail-$VERSION/cf/README .
-cp -a $TMP/package-sendmail/usr/share/sendmail/README.linux .
-for dir in cf domain feature hack m4 mailer ostype sh siteconfig ; do
-  cp -a $TMP/sendmail-$VERSION/cf/$dir .
-done
-# Replace the sendmail Build script with a simple (working) one:
-cp -a $PKG/usr/share/sendmail/cf/cf/Build $PKG/usr/share/sendmail/cf/cf/Build.orig
-zcat $CWD/Build.gz > $PKG/usr/share/sendmail/cf/cf/Build
-chown -R root.root *
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc.sendmail-cf > $PKG/install/slack-desc
-
-# Build the package:
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/sendmail-cf-$VERSION-noarch-$BUILD.txz
-
diff --git a/source/n/sendmail/linux.uucp.mc b/source/n/sendmail/linux.uucp.mc
deleted file mode 100644
index ffd242bb0..000000000
--- a/source/n/sendmail/linux.uucp.mc
+++ /dev/null
@@ -1,8 +0,0 @@
-include(`../m4/cf.m4')
-VERSIONID(`linux for setup with uucp which uses domain names')dnl
-OSTYPE(linux)
-FEATURE(always_add_domain)dnl
-MAILER(local)dnl
-MAILER(smtp)dnl
-MAILER(uucp)
-define(`SMART_HOST', uucp-dom:otheruucphost)
diff --git a/source/n/sendmail/sendmail-slackware-tls-sasl.mc b/source/n/sendmail/sendmail-slackware-tls-sasl.mc
deleted file mode 100644
index ed5753b43..000000000
--- a/source/n/sendmail/sendmail-slackware-tls-sasl.mc
+++ /dev/null
@@ -1,61 +0,0 @@
-dnl# This is the a sendmail .mc file for Slackware with TLS support.
-dnl# To generate the sendmail.cf file from this (perhaps after making
-dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this:
-dnl#
-dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc
-dnl# cd /usr/share/sendmail/cf
-dnl# sh Build config.mc
-dnl#
-dnl# You may then install the resulting .cf file:
-dnl# cp config.cf /etc/mail/sendmail.cf
-dnl#
-include(`../m4/cf.m4')
-VERSIONID(`TLS supporting setup for Slackware Linux')dnl
-OSTYPE(`linux')dnl
-dnl#
-dnl# You will need to create the certificates below with OpenSSL first:
-define(`confCACERT_PATH', `/etc/mail/certs/')
-define(`confCACERT', `/etc/mail/certs/CA.cert.pem')
-define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem')
-define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem')
-dnl# These settings help protect against people verifying email addresses
-dnl# at your site in order to send you email that you probably don't want:
-define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
-dnl# Uncomment the line below to send outgoing mail through an external server:
-dnl define(`SMART_HOST',`mailserver.example.com')
-dnl# No timeout for ident:
-define(`confTO_IDENT', `0')dnl
-dnl# Enable the line below to use smrsh to restrict what sendmail can run:
-dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
-dnl# See the README in /usr/share/sendmail/cf for a ton of information on
-dnl# how these options work:
-FEATURE(`use_cw_file')dnl
-FEATURE(`use_ct_file')dnl
-FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
-FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
-FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
-FEATURE(`blacklist_recipients')dnl
-FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
-FEATURE(`always_add_domain')dnl
-FEATURE(`redirect')dnl
-FEATURE(`no_default_msa')dnl
-dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
-dnl FEATURE(`accept_unresolvable_domains')dnl
-EXPOSED_USER(`root')dnl
-dnl# Also accept mail for localhost.localdomain:
-LOCAL_DOMAIN(`localhost.localdomain')dnl
-MAILER(local)dnl
-MAILER(smtp)dnl
-MAILER(procmail)dnl
-dnl# Allow SASL authentication/relaying:
-define(`confAUTH_OPTIONS', `A p y')dnl
-define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
-TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
-DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
-dnl# Daemon options after M= below that might need to be changed are:
-dnl# s (allow SSL, not only TLS)
-dnl# a (require authentication)
-DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl
-LOCAL_CONFIG
-dnl# Do not allow the weak SSLv2:
-O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL
diff --git a/source/n/sendmail/sendmail-slackware-tls.mc b/source/n/sendmail/sendmail-slackware-tls.mc
deleted file mode 100644
index 01a66775b..000000000
--- a/source/n/sendmail/sendmail-slackware-tls.mc
+++ /dev/null
@@ -1,56 +0,0 @@
-dnl# This is the a sendmail .mc file for Slackware with TLS support.
-dnl# To generate the sendmail.cf file from this (perhaps after making
-dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this:
-dnl#
-dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc
-dnl# cd /usr/share/sendmail/cf
-dnl# sh Build config.mc
-dnl#
-dnl# You may then install the resulting .cf file:
-dnl# cp config.cf /etc/mail/sendmail.cf
-dnl#
-include(`../m4/cf.m4')
-VERSIONID(`TLS supporting setup for Slackware Linux')dnl
-OSTYPE(`linux')dnl
-dnl#
-dnl# You will need to create the certificates below with OpenSSL first:
-define(`confCACERT_PATH', `/etc/mail/certs/')
-define(`confCACERT', `/etc/mail/certs/CA.cert.pem')
-define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem')
-define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem')
-dnl# These settings help protect against people verifying email addresses
-dnl# at your site in order to send you email that you probably don't want:
-define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
-dnl# Uncomment the line below to send outgoing mail through an external server:
-dnl define(`SMART_HOST',`mailserver.example.com')
-dnl# No timeout for ident:
-define(`confTO_IDENT', `0')dnl
-dnl# Enable the line below to use smrsh to restrict what sendmail can run:
-dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
-dnl# See the README in /usr/share/sendmail/cf for a ton of information on
-dnl# how these options work:
-FEATURE(`use_cw_file')dnl
-FEATURE(`use_ct_file')dnl
-FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
-FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
-FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
-FEATURE(`blacklist_recipients')dnl
-FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
-FEATURE(`always_add_domain')dnl
-FEATURE(`redirect')dnl
-dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
-dnl FEATURE(`accept_unresolvable_domains')dnl
-EXPOSED_USER(`root')dnl
-dnl# Also accept mail for localhost.localdomain:
-LOCAL_DOMAIN(`localhost.localdomain')dnl
-MAILER(local)dnl
-MAILER(smtp)dnl
-MAILER(procmail)dnl
-DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
-dnl# Daemon options after M= below that might need to be changed are:
-dnl# s (allow SSL, not only TLS)
-dnl# a (require authentication)
-DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Es')dnl
-LOCAL_CONFIG
-dnl# Do not allow the weak SSLv2:
-O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL
diff --git a/source/n/sendmail/sendmail-slackware.mc b/source/n/sendmail/sendmail-slackware.mc
deleted file mode 100644
index 4fd4620bf..000000000
--- a/source/n/sendmail/sendmail-slackware.mc
+++ /dev/null
@@ -1,42 +0,0 @@
-dnl# This is the default sendmail .mc file for Slackware.  To generate
-dnl# the sendmail.cf file from this (perhaps after making some changes),
-dnl# use the m4 files in /usr/share/sendmail/cf like this:
-dnl#
-dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc
-dnl# cd /usr/share/sendmail/cf
-dnl# sh Build config.cf
-dnl#
-dnl# You may then install the resulting .cf file:
-dnl# cp config.cf /etc/mail/sendmail.cf
-dnl#
-include(`../m4/cf.m4')
-VERSIONID(`default setup for Slackware Linux')dnl
-OSTYPE(`linux')dnl
-dnl# These settings help protect against people verifying email addresses
-dnl# at your site in order to send you email that you probably don't want:
-define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
-dnl# Uncomment the line below to send outgoing mail through an external server:
-dnl define(`SMART_HOST',`mailserver.example.com')
-dnl# No timeout for ident:
-define(`confTO_IDENT', `0')dnl
-dnl# Enable the line below to use smrsh to restrict what sendmail can run:
-dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
-dnl# See the README in /usr/share/sendmail/cf for a ton of information on
-dnl# how these options work:
-FEATURE(`use_cw_file')dnl
-FEATURE(`use_ct_file')dnl
-FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
-FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
-FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
-FEATURE(`blacklist_recipients')dnl
-FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
-FEATURE(`always_add_domain')dnl
-FEATURE(`redirect')dnl
-dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
-dnl FEATURE(`accept_unresolvable_domains')dnl
-EXPOSED_USER(`root')dnl
-dnl# Also accept mail for localhost.localdomain:
-LOCAL_DOMAIN(`localhost.localdomain')dnl
-MAILER(local)dnl
-MAILER(smtp)dnl
-MAILER(procmail)dnl
diff --git a/source/n/sendmail/sendmail.SlackBuild b/source/n/sendmail/sendmail.SlackBuild
deleted file mode 100755
index 462f16e9d..000000000
--- a/source/n/sendmail/sendmail.SlackBuild
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-./SlackBuild-sendmail $*
-./SlackBuild-sendmail-cf $*
diff --git a/source/n/sendmail/site.config.m4 b/source/n/sendmail/site.config.m4
deleted file mode 100644
index 09b1d72ff..000000000
--- a/source/n/sendmail/site.config.m4
+++ /dev/null
@@ -1,8 +0,0 @@
-APPENDDEF(`confENVDEF', `-DNETINET6')
-APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP')
-APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb -lresolv')
-APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER')
-APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')
-APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ')
-APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP')
-APPENDDEF(`confENVDEF', `-D_FFR_TLS_1')dnl
diff --git a/source/n/sendmail/slack-desc.sendmail b/source/n/sendmail/slack-desc.sendmail
deleted file mode 100644
index cdcc9387a..000000000
--- a/source/n/sendmail/slack-desc.sendmail
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-        |-----handy-ruler------------------------------------------------------|
-sendmail: sendmail (mail transfer agent)
-sendmail:
-sendmail: Eric Allman's mail transport agent. The _Unix System Administration
-sendmail: Handbook_ calls sendmail 'The most complex and complete mail delivery
-sendmail: system in common use...'
-sendmail:
-sendmail: Ready-made configuration files are included for systems connected by
-sendmail: TCP/IP (with or without a nameserver) and for systems using UUCP.
-sendmail:
-sendmail: The procmail package is required to handle local mail delivery.
-sendmail:
diff --git a/source/n/sendmail/slack-desc.sendmail-cf b/source/n/sendmail/slack-desc.sendmail-cf
deleted file mode 100644
index df56efdc8..000000000
--- a/source/n/sendmail/slack-desc.sendmail-cf
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-           |-----handy-ruler------------------------------------------------------|
-sendmail-cf: sendmail-cf (configuration files for sendmail)
-sendmail-cf:
-sendmail-cf: These files are used to create sendmail.cf configuration files.  The
-sendmail-cf: m4 macro processor is also required in order to make use of these
-sendmail-cf: files. 
-sendmail-cf:
-sendmail-cf: The files and documentation in /usr/share/sendmail should make it
-sendmail-cf: possible to support virtually any mail configuration.  NOTE: You
-sendmail-cf: probably won't need this package if you're planning to use one of the
-sendmail-cf: sendmail.cf samples included in the sendmail package.
-sendmail-cf:
diff --git a/source/n/slrn/slack-desc b/source/n/slrn/slack-desc
index bbec2dab6..8d5462970 100644
--- a/source/n/slrn/slack-desc
+++ b/source/n/slrn/slack-desc
@@ -1,14 +1,14 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 slrn: slrn (s-lang read news)
 slrn:
-slrn: slrn is an easy to use but powerful newsreader.  It is highly
+slrn: slrn is an easy to use but powerful newsreader. It is highly
 slrn: customizable, supports scoring, free key bindings, and can be extended
 slrn: using the s-lang macro language.
 slrn:
diff --git a/source/n/slrn/slrn.SlackBuild b/source/n/slrn/slrn.SlackBuild
index 487a64627..733539fb6 100755
--- a/source/n/slrn/slrn.SlackBuild
+++ b/source/n/slrn/slrn.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,24 +20,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=slrn
 VERSION=1.0.2
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-slrn
 rm -rf $PKG
diff --git a/source/n/snownews/slack-desc b/source/n/snownews/slack-desc
index 5ad21d08c..c8f213ab9 100644
--- a/source/n/snownews/slack-desc
+++ b/source/n/snownews/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
@@ -14,6 +14,6 @@ snownews: other formats.
 snownews:
 snownews: Snownews was written and is maintained by Oliver Feiler.
 snownews:
-snownews: Snownews homepage:  http://kiza.kcore.de/software/snownews
+snownews: Snownews homepage: https://github.com/kouya/snownews
 snownews:
 snownews:
diff --git a/source/n/snownews/snownews.SlackBuild b/source/n/snownews/snownews.SlackBuild
index 75bc28757..ebddfdda4 100755
--- a/source/n/snownews/snownews.SlackBuild
+++ b/source/n/snownews/snownews.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright  2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright  2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,24 +20,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=snownews
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
@@ -50,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-snownews
 
@@ -70,12 +79,22 @@ find . \
 
 CFLAGS="$SLKCFLAGS" \
 ./configure \
-  --prefix=/usr
+  --prefix=/usr \
+  --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --sysconfdir=/etc \
+  --localstatedir=/var \
+  --docdir=/usr/doc/$PKGNAM-$VERSION \
+  --mandir=/usr/man \
+  --infodir=/usr/info \
+  --disable-static \
+  --build=$ARCH-slackware-linux || exit 1
 
 # Use ncursesw instead of regular ncurses:
 sed -i 's|lncurses|lncursesw|g' platform_settings
 
 make $NUMJOBS || make || exit 1
+
+zcat $CWD/snownews.fake.destdir.diff.gz | patch -p1 --verbose || exit 1
 make install DESTDIR=$PKG || exit 1
 
 find $PKG | xargs file | grep -e "executable" -e "shared object" \
@@ -99,7 +118,7 @@ fi
 
 mkdir -p $PKG/usr/doc/snownews-$VERSION
 cp -a \
-  AUTHOR COPYING* CREDITS INSTALL README* \
+  AUTHOR COPYING* CREDITS README* \
   $PKG/usr/doc/snownews-$VERSION
 
 # If there's a Changelog, installing at least part of the recent history
diff --git a/source/n/snownews/snownews.fake.destdir.diff b/source/n/snownews/snownews.fake.destdir.diff
new file mode 100644
index 000000000..305c6d61f
--- /dev/null
+++ b/source/n/snownews/snownews.fake.destdir.diff
@@ -0,0 +1,15 @@
+--- ./Config.mk.orig	2018-05-07 16:40:21.596003821 -0500
++++ ./Config.mk	2018-05-07 16:45:44.398003832 -0500
+@@ -9,10 +9,10 @@
+ INSTALLSCR	:= ${INSTALL} -D -p -m 755
+ INSTALLDATA	:= ${INSTALL} -D -p -m 644
+ 
+-PREFIX		:= /usr
++PREFIX		:= /tmp/package-snownews/usr
+ BINDIR		:= ${PREFIX}/bin
+ LOCALEPATH	:= ${PREFIX}/share/locale
+-MANPATH		:= /usr/man
++MANPATH		:= ${PREFIX}/man
+ 
+ CFLAGS		:= -Wall -Wextra -Os -std=c11 -D_GNU_SOURCE -D_DEFAULT_SOURCE -I/usr/include/libxml2
+ LDFLAGS		:= -lcrypto -lxml2 -lncurses -lz -lm
diff --git a/source/n/sshfs/slack-desc b/source/n/sshfs/slack-desc
new file mode 100644
index 000000000..73ce18391
--- /dev/null
+++ b/source/n/sshfs/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+     |-----handy-ruler-----------------------------------------------------|
+sshfs: sshfs (SSH filesystem client)
+sshfs:
+sshfs: This is a filesystem client based on the SSH File Transfer Protocol.
+sshfs: Since most SSH servers already support this protocol it is very easy
+sshfs: to set up: i.e. on the server side there's nothing to do. On the
+sshfs: client side mounting the filesystem is as easy as logging into the
+sshfs: server with ssh.
+sshfs:
+sshfs: Homepage: https://github.com/libfuse/sshfs
+sshfs:
+sshfs:
diff --git a/source/n/dirmngr/dirmngr.SlackBuild b/source/n/sshfs/sshfs.SlackBuild
index 5ca697c54..bec5a9e61 100755
--- a/source/n/dirmngr/dirmngr.SlackBuild
+++ b/source/n/sshfs/sshfs.SlackBuild
@@ -1,7 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006-2009  Robby Workman, Northport, AL, USA
-# Copyright 2007, 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -10,7 +9,7 @@
 # 1. Redistributions of this script must retain the above copyright
 #    notice, this list of conditions and the following disclaimer.
 #
-#  THIS SCRIPT IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
 #  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 #  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
 #  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
@@ -18,13 +17,16 @@
 #  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
 #  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 #  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-PKGNAM=dirmngr
+PKGNAM=sshfs
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-2}
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -36,13 +38,19 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-NUMJOBS=${NUMJOBS:-" -j7 "}
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
-elif [ "$ARCH" = "s390" ]; then
-  SLKCFLAGS="-O2"
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
   LIBDIRSUFFIX=""
 elif [ "$ARCH" = "x86_64" ]; then
   SLKCFLAGS="-O2 -fPIC"
@@ -52,13 +60,12 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
-PKG=$TMP/pkg-$PKGNAM
+PKG=$TMP/package-$PKGNAM
 
 rm -rf $PKG 
 mkdir -p $TMP $PKG
-cd $TMP
+cd $TMP || exit 1
 rm -rf $PKGNAM-$VERSION
 tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
 cd $PKGNAM-$VERSION || exit 1
@@ -69,38 +76,43 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
-zcat $CWD/dirmngr-pth-fix.patch.gz | patch -p0 --verbose || exit 1
-
 CFLAGS="$SLKCFLAGS" \
 CXXFLAGS="$SLKCFLAGS" \
 ./configure \
   --prefix=/usr \
   --libdir=/usr/lib${LIBDIRSUFFIX} \
-  --sysconfdir=/etc \
-  --localstatedir=/var \
   --mandir=/usr/man \
-  --infodir=/usr/info \
+  --bindir=/bin \
+  --sbindir=/sbin \
   --docdir=/usr/doc/$PKGNAM-$VERSION \
-  --build=$ARCH-slackware-linux \
-  --host=$ARCH-slackware-linux
+  --build=${ARCH}-slackware-linux \
+  || exit 1
 
 make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG || exit 1
-
-find $PKG | xargs file | grep -e "executable" -e "shared object" \
-  | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
 
-( cd $PKG/usr/man
-  find . -type f -exec gzip -9 {} \;
-  for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
-)
+make install DESTDIR=$PKG || exit 1
 
-rm $PKG/usr/info/dir
-gzip -9 $PKG/usr/info/*
+find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
+  | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+# Compress and link manpages, if any:
+if [ -d $PKG/usr/man ]; then
+  ( cd $PKG/usr/man
+    for manpagedir in $(find . -type d -name "man*") ; do
+      ( cd $manpagedir
+        for eachpage in $( find . -type l -maxdepth 1) ; do
+          ln -s $( readlink $eachpage ).gz $eachpage.gz
+          rm $eachpage
+        done
+        gzip -9 *.?
+      )
+    done
+  )
+fi
 
 mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
 cp -a \
-  ABOUT-NLS AUTHORS COPYING INSTALL NEWS README* THANKS TODO \
+  AUTHORS COPYING* CREDITS INSTALL NEWS README* \
   $PKG/usr/doc/$PKGNAM-$VERSION
 
 # If there's a ChangeLog, installing at least part of the recent history
diff --git a/source/n/stunnel/generate-stunnel-key.sh b/source/n/stunnel/generate-stunnel-key.sh
index 6b344964b..b24b4ba8a 100644
--- a/source/n/stunnel/generate-stunnel-key.sh
+++ b/source/n/stunnel/generate-stunnel-key.sh
@@ -2,7 +2,7 @@
 USE_DH=0
 
 openssl req -new -x509 -days 365 -nodes \
-  -config ./stunnel.cnf -out stunnel.pem -keyout stunnel.pem
+  -config ./openssl.cnf -out stunnel.pem -keyout stunnel.pem
 
 test $USE_DH -eq 0 || openssl gendh >> stunnel.pem
 
diff --git a/source/n/stunnel/slack-desc b/source/n/stunnel/slack-desc
index f8ee5bc47..ed9b65d7a 100644
--- a/source/n/stunnel/slack-desc
+++ b/source/n/stunnel/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/stunnel/stunnel.SlackBuild b/source/n/stunnel/stunnel.SlackBuild
index e8940bb36..f464331c0 100755
--- a/source/n/stunnel/stunnel.SlackBuild
+++ b/source/n/stunnel/stunnel.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,6 +20,7 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=stunnel
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
@@ -35,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -51,7 +60,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-stunnel
 
@@ -80,7 +88,7 @@ CFLAGS="$SLKCFLAGS" \
   --sbindir=/usr/sbin \
   --bindir=/usr/bin \
   --localstatedir=/var \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 
@@ -94,7 +102,7 @@ mkdir -p $PKG/usr/sbin
 
 mkdir -p $PKG/var/run/stunnel
 # This will produce a useless key.
-make -i install DESTDIR=$PKG
+make install DESTDIR=$PKG || exit 1
 # Get rid of key, so nobody tries to use it:
 rm -f $PKG/etc/stunnel/stunnel.pem
 # Add cnf:
diff --git a/source/n/stunnel/stunnel.url b/source/n/stunnel/stunnel.url
new file mode 100644
index 000000000..01a60a7e0
--- /dev/null
+++ b/source/n/stunnel/stunnel.url
@@ -0,0 +1 @@
+https://www.stunnel.org/downloads.html
diff --git a/source/n/tcp_wrappers/slack-desc b/source/n/tcp_wrappers/slack-desc
index be7131e74..3bc77cd29 100644
--- a/source/n/tcp_wrappers/slack-desc
+++ b/source/n/tcp_wrappers/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
             |-----handy-ruler------------------------------------------------------|
@@ -10,7 +10,7 @@ tcp_wrappers: tcp_wrappers (TCP/IP daemon wrapper library and utilities)
 tcp_wrappers:
 tcp_wrappers: With this package you can monitor and filter incoming requests for
 tcp_wrappers: network services for access control, and detection things like host
-tcp_wrappers: name spoofing and host address spoofing.  Nearly all the network
+tcp_wrappers: name spoofing and host address spoofing. Nearly all the network
 tcp_wrappers: daemons on Slackware are "wrapped" using this library, and most
 tcp_wrappers: daemons in /etc/inetd.conf use tcp_wrappers' tcpd wrapper daemon.
 tcp_wrappers: If you plan to do much networking, you will need tcp_wrappers.
diff --git a/source/n/tcp_wrappers/tcp_wrappers.SlackBuild b/source/n/tcp_wrappers/tcp_wrappers.SlackBuild
index 7f9ad0d48..86e1856b4 100755
--- a/source/n/tcp_wrappers/tcp_wrappers.SlackBuild
+++ b/source/n/tcp_wrappers/tcp_wrappers.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
@@ -20,20 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=tcp_wrappers
 VERSION=7.6
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "x86_64" ]; then
@@ -42,7 +52,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-tcp_wrappers
 
@@ -63,7 +72,7 @@ find . \
 
 sh extract-and-patch.sh
 cd tcp_wrappers_$VERSION || exit 1
-make REAL_DAEMON_DIR=/usr/sbin linux
+make REAL_DAEMON_DIR=/usr/sbin linux || exit 1
 strip tcpd safe_finger tcpdchk tcpdmatch try-from
 mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}
 cat libwrap.a > $PKG/usr/lib${LIBDIRSUFFIX}/libwrap.a
diff --git a/source/n/tcpdump/slack-desc b/source/n/tcpdump/slack-desc
index 5e9696434..f51ed438a 100644
--- a/source/n/tcpdump/slack-desc
+++ b/source/n/tcpdump/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 tcpdump: tcpdump (network monitoring tool)
 tcpdump:
-tcpdump: Tcpdump is a tool for network monitoring and data acquisition.  You
+tcpdump: Tcpdump is a tool for network monitoring and data acquisition. You
 tcpdump: can use it to dump information on all the packets on a network that
-tcpdump: match a boolean expression.  Tcpdump uses libpcap, a system
+tcpdump: match a boolean expression. Tcpdump uses libpcap, a system
 tcpdump: independent interface for user-level packet capture.
 tcpdump:
-tcpdump: Project homepage:  http://www.tcpdump.org
+tcpdump: Project homepage: http://www.tcpdump.org
 tcpdump:
 tcpdump:
 tcpdump:
diff --git a/source/n/tcpdump/tcpdump.SlackBuild b/source/n/tcpdump/tcpdump.SlackBuild
index 78cfae889..5ef1bf727 100755
--- a/source/n/tcpdump/tcpdump.SlackBuild
+++ b/source/n/tcpdump/tcpdump.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=tcpdump
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -34,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "x86_64" ]; then
@@ -42,7 +52,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-tcpdump
 
@@ -55,7 +64,7 @@ rm -rf tcpdump-$VERSION
 # To (try to) avoid weird errors, take an axe to this:
 rm -rf $TMP/libpcap-?.?.?
 
-tar xvf $CWD/tcpdump-$VERSION.tar.gz || exit 1
+tar xvf $CWD/tcpdump-$VERSION.tar.xz || exit 1
 cd tcpdump-$VERSION || exit 1
 find . -type d -name CVS -depth -exec rm -rf {} \;
 chown -R root:root .
@@ -71,7 +80,8 @@ find . \
   --mandir=/usr/man \
   --docdir=/usr/doc/tcpdump-$VERSION \
   --enable-ipv6 \
-  --build=$ARCH-slackware-linux
+  --build=$ARCH-slackware-linux || exit 1
+
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
diff --git a/source/n/telnet/slack-desc b/source/n/telnet/slack-desc
index 2eb4d62ec..8a1c7d5a2 100644
--- a/source/n/telnet/slack-desc
+++ b/source/n/telnet/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
 telnet: telnet (the telnet client and daemon)
 telnet:
 telnet: telnet supports the original DARPA telnet interactive communication
-telnet: protocol.  As connecting to a telnetd server transmits your password
+telnet: protocol. As connecting to a telnetd server transmits your password
 telnet: over the network in cleartext, telnet's use as a login protocol has
-telnet: been mostly superseded by the use of ssh and sshd.  However, the
+telnet: been mostly superseded by the use of ssh and sshd. However, the
 telnet: telnet client is still a very handy tool, and telnetd may still have
 telnet: some uses on networks that are known to be secure.
 telnet:
diff --git a/source/n/telnet/telnet.SlackBuild b/source/n/telnet/telnet.SlackBuild
index d52349300..5aadcf821 100755
--- a/source/n/telnet/telnet.SlackBuild
+++ b/source/n/telnet/telnet.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2007-2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2007-2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=telnet
 VERSION=0.17
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-telnet
 
@@ -43,14 +52,14 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf netkit-telnet-$VERSION
-tar xzvf $CWD/netkit-telnet-$VERSION.tar.gz
-cd netkit-telnet-$VERSION
+tar xvf $CWD/netkit-telnet-$VERSION.tar.gz || exit 1
+cd netkit-telnet-$VERSION || exit 1
 chown -R root:root .
 zcat $CWD/netkit-telnet-0.17.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1
 zcat $CWD/netkit-telnet-0.17-ayt.patch.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1
-./configure --prefix=/usr
+./configure --prefix=/usr || exit 1
 cd telnetd
-make
+make || exit 1
 strip telnetd
 mkdir -p $PKG/usr/sbin
 cat telnetd > $PKG/usr/sbin/in.telnetd
@@ -63,7 +72,7 @@ rm -rf telnet
 tar xzvf $CWD/telnet-OpenBSD-20020321.tar.gz
 zcat $CWD/telnet-OpenBSD-20020321.diff.gz | patch -p1 --verbose || exit
 zcat $CWD/telnet-OpenBSD-014_telnet.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit
-( cd telnet ; make )
+( cd telnet ; make || exit 1 ) || exit 1
 cd telnet
 strip telnet
 mkdir -p $PKG/bin
diff --git a/source/n/tftp-hpa/slack-desc b/source/n/tftp-hpa/slack-desc
index 02aaa3d8f..ff642280f 100644
--- a/source/n/tftp-hpa/slack-desc
+++ b/source/n/tftp-hpa/slack-desc
@@ -1,17 +1,17 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
         |-----handy-ruler------------------------------------------------------|
 tftp-hpa: tftp-hpa (Trivial File Transfer Protocol)
 tftp-hpa:
 tftp-hpa: The Trivial File Transfer Protocol (TFTP) is normally used only for
-tftp-hpa: booting diskless workstations (or the Slackware installer).  The tftp
+tftp-hpa: booting diskless workstations (or the Slackware installer). The tftp
 tftp-hpa: package provides the user interface for TFTP, which allows users to
-tftp-hpa: transfer files to and from a remote machine.  This program and TFTP
+tftp-hpa: transfer files to and from a remote machine. This program and TFTP
 tftp-hpa: provide very little security, and should not be enabled unless it is
 tftp-hpa: expressly needed.
 tftp-hpa:
diff --git a/source/n/tftp-hpa/tftp-hpa.SlackBuild b/source/n/tftp-hpa/tftp-hpa.SlackBuild
index 0e783c93f..ce6429b66 100755
--- a/source/n/tftp-hpa/tftp-hpa.SlackBuild
+++ b/source/n/tftp-hpa/tftp-hpa.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2013  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2013, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,24 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=tftp-hpa
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-tftp-hpa
 
diff --git a/source/n/tin/slack-desc b/source/n/tin/slack-desc
index 5479cbd26..8f5c34e34 100644
--- a/source/n/tin/slack-desc
+++ b/source/n/tin/slack-desc
@@ -1,16 +1,16 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
    |-----handy-ruler------------------------------------------------------|
 tin: tin (the Tin newsreader)
 tin:
-tin: Tin is a full-screen, easy-to-use Netnews reader.  It can read news
+tin: Tin is a full-screen, easy-to-use Netnews reader. It can read news
 tin: locally (i.e. /var/spool/news) or remotely (rtin or tin -r option)
-tin: via a NNTP (Network News Transport Protocol) server.  It will
+tin: via a NNTP (Network News Transport Protocol) server. It will
 tin: automatically utilize NOV (news overview) style index files if
 tin: available locally or via the nntp xover command.
 tin:
diff --git a/source/n/tin/tin-2.2.1.tar.xz.sign b/source/n/tin/tin-2.2.1.tar.xz.sign
deleted file mode 100644
index 382b3f9eb..000000000
--- a/source/n/tin/tin-2.2.1.tar.xz.sign
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PGP MESSAGE-----
-Version: 2.6.3ia
-
-iQCVAwUAU2YiAFpJVQ60kLTRAQE5JAP/b5DEPA7cg3TPGX9tbu0wP1JELHPLz7i6
-4VW9l/jGLn+hE9Se3DIYa4uWVgSePDkjCbm1rLEaOK6ztu7pIejbT45zZyWyecvx
-YmsnPoSWVxcA8AUBl4Xl16npRHRXOMz2WVnV1kpKPLS7Dhn06Iq25n/vXygTih68
-8V8r/w4DLMA=
-=IK1p
------END PGP MESSAGE-----
diff --git a/source/n/tin/tin-2.4.2.tar.xz.sign b/source/n/tin/tin-2.4.2.tar.xz.sign
new file mode 100644
index 000000000..b78beb92d
--- /dev/null
+++ b/source/n/tin/tin-2.4.2.tar.xz.sign
@@ -0,0 +1,9 @@
+-----BEGIN PGP MESSAGE-----
+Version: 2.6.3ia
+
+iQCVAwUAWj+Vg1pJVQ60kLTRAQFCoAQAsD66zZF7YtuYFEzOlBE/Fn8JqY/VVbZZ
+ERkUU2KLkOI5MQ6wv1OflAhXvQKCdj+WU167V/NcHOV2FyeyVGZadzCS03KC9/1x
+Khwens50qP7fHh3Nd8SRuBFT3fQROpo6vVjA7j3csClt+RWuPAH9Qt6xdMm3F+fC
+J+GkDohzUoQ=
+=z2Y4
+-----END PGP MESSAGE-----
diff --git a/source/n/tin/tin.SlackBuild b/source/n/tin/tin.SlackBuild
index b8304b186..05668750e 100755
--- a/source/n/tin/tin.SlackBuild
+++ b/source/n/tin/tin.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2013, 2014  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2013, 2014, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,6 +20,7 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=tin
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
@@ -35,7 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-tin
 
diff --git a/source/n/traceroute/slack-desc b/source/n/traceroute/slack-desc
index 864112fec..e10a0a41c 100644
--- a/source/n/traceroute/slack-desc
+++ b/source/n/traceroute/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
           |-----handy-ruler------------------------------------------------------|
 traceroute: traceroute (IP packet route tracing utility)
 traceroute:
 traceroute: The traceroute utility displays the route used by IP packets on their
-traceroute: way to a specified network host.  Traceroute will display the IP
+traceroute: way to a specified network host. Traceroute will display the IP
 traceroute: number and host name (if possible) of all the machines along the route
-traceroute: taken by the packets.  If you're having network connectivity problems,
+traceroute: taken by the packets. If you're having network connectivity problems,
 traceroute: traceroute can show you where the trouble is located.
 traceroute:
-traceroute:
+traceroute: Homepage: http://traceroute.sourceforge.net
 traceroute:
 traceroute:
diff --git a/source/n/traceroute/traceroute.SlackBuild b/source/n/traceroute/traceroute.SlackBuild
index bf90465ec..a29d29fae 100755
--- a/source/n/traceroute/traceroute.SlackBuild
+++ b/source/n/traceroute/traceroute.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=traceroute
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -35,6 +36,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "x86_64" ]; then
@@ -44,7 +53,6 @@ else
 fi
 
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-traceroute
 
@@ -53,7 +61,7 @@ mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf traceroute-$VERSION
-tar xvf $CWD/traceroute-$VERSION.tar.gz || exit 1
+tar xvf $CWD/traceroute-$VERSION.tar.xz || exit 1
 cd traceroute-$VERSION || exit 1
 chown -R root:root .
 find . \
diff --git a/source/n/trn/config.sh b/source/n/trn/config.sh
deleted file mode 100644
index c202d8f47..000000000
--- a/source/n/trn/config.sh
+++ /dev/null
@@ -1,220 +0,0 @@
-#!/bin/sh
-#
-# This file was produced by running the Configure script. It holds all the
-# definitions figured out by Configure. Should you modify one of these values,
-# do not forget to propagate your changes by running "Configure -der". You may
-# instead choose to run each of the .SH files by yourself, or "Configure -S".
-#
-
-# Configuration time: Wed Mar  6 18:27:57 PST 2002
-# Configured by: root
-# Target system: linux fuzzy 1.1.73 #1 mon dec 19 21:32:00 cst 1994 i486 
-
-d_bsd='undef'
-d_eunice='undef'
-d_xenix='undef'
-eunicefix=':'
-Mcc='Mcc'
-awk='awk'
-basename='basename'
-bash='bash'
-cat='cat'
-cp='cp'
-cpp='cpp'
-csh='csh'
-date='date'
-diff='diff'
-echo='echo'
-ed='ed'
-egrep='egrep'
-expr='expr'
-grep='grep'
-inews='inews'
-ispell='ispell'
-ksh='ksh'
-less='less'
-lint=''
-mail='mail'
-metamail='metamail'
-mhn='mhn'
-mkdir='mkdir'
-more='more'
-munpack='munpack'
-mv='mv'
-nroff='nroff'
-pg='pg'
-rm='rm'
-rmail='rmail'
-sed='sed'
-sendmail='sendmail'
-smail='smail'
-sort='sort'
-spell='spell'
-tail='tail'
-test='test'
-tr='tr'
-uname='uname'
-uniq='uniq'
-uuname='uuname'
-vi='vi'
-vspell=''
-who=''
-hint='previous'
-myuname='linux fuzzy 1.1.73 #1 mon dec 19 21:32:00 cst 1994 i486 '
-srcdir='.'
-vincludes=''
-vpath='.'
-Id='$Id'
-Log='$Log'
-active='none'
-acttimes='nntp'
-d_acttimes='define'
-myactive='.falseactive'
-bin='/usr/bin'
-binexp='/usr/bin'
-installbin='/usr/bin'
-cc='gcc'
-ccflags=''
-cppflags=''
-ldflags='-s'
-lkflags=''
-optimize='-O2'
-cf_by='root'
-cf_time='Wed Mar  6 18:27:57 PST 2002'
-contains='grep'
-cpplast='-'
-cppminus='-'
-cpprun='gcc -E'
-cppstdin='gcc -E'
-d_ftime='define'
-aphostcmd=''
-d_gethname='undef'
-d_phostcmd='undef'
-d_uname='undef'
-d_getpwent='define'
-d_getcwd='undef'
-d_getwd='define'
-d_havetlib='define'
-termlib='-ltermcap'
-d_ignoreorg='undef'
-d_internet='define'
-d_memcmp='define'
-d_memcpy='define'
-d_memset='define'
-d_mimeshow='undef'
-d_mimestore='undef'
-mimeshow="none"
-mimestore="none"
-d_newsadm='define'
-newsadmin='news'
-d_nntp='define'
-d_xdata='define'
-d_genauth='define'
-servername='/etc/nntpserver'
-d_nolnbuf='undef'
-d_normsig='define'
-jobslib=''
-d_novoid='undef'
-void=''
-d_portable='define'
-d_rdchk='undef'
-d_rename='define'
-d_sigblock='define'
-d_sighold='define'
-d_sizet='undef'
-d_strccmp='define'
-d_strchr='define'
-d_strftime='define'
-strftimec=''
-strftimeo=''
-d_libndir='undef'
-d_usendir='undef'
-libndir=''
-ndirc=''
-ndiro=''
-d_vfork='define'
-d_voidsig='define'
-signal_t='void'
-defeditor='/usr/bin/vi'
-filexp='/usr/lib/trn/filexp'
-d_dirnamlen=''
-i_dirent='define'
-i_ptem='undef'
-i_stdlib='define'
-i_string='define'
-strings='/usr/include/string.h'
-i_sysdir='define'
-d_voidtty=''
-i_bsdioctl=''
-i_sysfilio='undef'
-i_sysioctl='define'
-i_syssockio=''
-i_sysndir='undef'
-i_sgtty='undef'
-i_termio='undef'
-i_termios='define'
-i_systime='define'
-i_time='define'
-i_unistd='define'
-i_vfork='undef'
-ispell_options='-x'
-ispell_prg='/usr/bin/ispell'
-libc='/usr/lib/libc.a'
-plibpth='/usr/ccs/lib /usr/lib /usr/ucblib /usr/local/lib'
-xlibpth='/usr/lib/386 /lib/386'
-libs=' '
-citydist='none'
-cntrydist='none'
-contdist='none'
-locdist='none'
-multistatedist='none'
-orgdist='none'
-statedist='none'
-mailer='/usr/sbin/sendmail'
-mailfile='/var/spool/mail/%L'
-installmansrc='/usr/man/man1'
-manext='1'
-mansrc='/usr/man/man1'
-mansrcexp='/usr/man/man1'
-mboxchar='F'
-c=''
-n='-n'
-d_berknames='define'
-d_passnames='define'
-d_usgnames='undef'
-nametype='bsd'
-inewsloc='/usr/bin/inews'
-newslib='/tmp'
-newslibexp='/tmp'
-newsspool='/tmp'
-orgname='/etc/organization'
-package='trn'
-spackage='Trn'
-pager='/bin/more'
-phost='/etc/HOSTNAME'
-phostcmd=''
-prefshell='/bin/bash'
-installprivlib='/usr/lib/trn'
-privlib='/usr/lib/trn'
-privlibexp='/usr/lib/trn'
-rootid='0'
-sharpbang='#!'
-shsharp='true'
-spitshell='cat'
-startsh='#!/bin/sh'
-sysman='/usr/man/man1'
-d_usemt='define'
-d_useov='define'
-overviewdir='/tmp'
-threaddir='/tmp'
-trn_init='FALSE'
-trn_select='TRUE'
-nm_opt=''
-runnm='true'
-usenm='true'
-incpath=''
-mips=''
-mips_type=''
-usrinc='/usr/include'
-PATCHLEVEL="3.6 (20 Nov 1994)"
-CONFIG=true
diff --git a/source/n/trn/config.x86_64.sh b/source/n/trn/config.x86_64.sh
deleted file mode 100644
index d6c8f5325..000000000
--- a/source/n/trn/config.x86_64.sh
+++ /dev/null
@@ -1,220 +0,0 @@
-#!/bin/sh
-#
-# This file was produced by running the Configure script. It holds all the
-# definitions figured out by Configure. Should you modify one of these values,
-# do not forget to propagate your changes by running "Configure -der". You may
-# instead choose to run each of the .SH files by yourself, or "Configure -S".
-#
-
-# Configuration time: Wed Mar  6 18:27:57 PST 2002
-# Configured by: root
-# Target system: linux fuzzy 1.1.73 #1 mon dec 19 21:32:00 cst 1994 i486 
-
-d_bsd='undef'
-d_eunice='undef'
-d_xenix='undef'
-eunicefix=':'
-Mcc='Mcc'
-awk='awk'
-basename='basename'
-bash='bash'
-cat='cat'
-cp='cp'
-cpp='cpp'
-csh='csh'
-date='date'
-diff='diff'
-echo='echo'
-ed='ed'
-egrep='egrep'
-expr='expr'
-grep='grep'
-inews='inews'
-ispell='ispell'
-ksh='ksh'
-less='less'
-lint=''
-mail='mail'
-metamail='metamail'
-mhn='mhn'
-mkdir='mkdir'
-more='more'
-munpack='munpack'
-mv='mv'
-nroff='nroff'
-pg='pg'
-rm='rm'
-rmail='rmail'
-sed='sed'
-sendmail='sendmail'
-smail='smail'
-sort='sort'
-spell='spell'
-tail='tail'
-test='test'
-tr='tr'
-uname='uname'
-uniq='uniq'
-uuname='uuname'
-vi='vi'
-vspell=''
-who=''
-hint='previous'
-myuname='linux fuzzy 1.1.73 #1 mon dec 19 21:32:00 cst 1994 i486 '
-srcdir='.'
-vincludes=''
-vpath='.'
-Id='$Id'
-Log='$Log'
-active='none'
-acttimes='nntp'
-d_acttimes='define'
-myactive='.falseactive'
-bin='/usr/bin'
-binexp='/usr/bin'
-installbin='/usr/bin'
-cc='gcc'
-ccflags=''
-cppflags=''
-ldflags='-s'
-lkflags=''
-optimize='-O2 -fPIC'
-cf_by='root'
-cf_time='Wed Mar  6 18:27:57 PST 2002'
-contains='grep'
-cpplast='-'
-cppminus='-'
-cpprun='gcc -E'
-cppstdin='gcc -E'
-d_ftime='define'
-aphostcmd=''
-d_gethname='undef'
-d_phostcmd='undef'
-d_uname='undef'
-d_getpwent='define'
-d_getcwd='undef'
-d_getwd='define'
-d_havetlib='define'
-termlib='-ltermcap'
-d_ignoreorg='undef'
-d_internet='define'
-d_memcmp='define'
-d_memcpy='define'
-d_memset='define'
-d_mimeshow='undef'
-d_mimestore='undef'
-mimeshow="none"
-mimestore="none"
-d_newsadm='define'
-newsadmin='news'
-d_nntp='define'
-d_xdata='define'
-d_genauth='define'
-servername='/etc/nntpserver'
-d_nolnbuf='undef'
-d_normsig='define'
-jobslib=''
-d_novoid='undef'
-void=''
-d_portable='define'
-d_rdchk='undef'
-d_rename='define'
-d_sigblock='define'
-d_sighold='define'
-d_sizet='undef'
-d_strccmp='define'
-d_strchr='define'
-d_strftime='define'
-strftimec=''
-strftimeo=''
-d_libndir='undef'
-d_usendir='undef'
-libndir=''
-ndirc=''
-ndiro=''
-d_vfork='define'
-d_voidsig='define'
-signal_t='void'
-defeditor='/usr/bin/vi'
-filexp='/usr/lib64/trn/filexp'
-d_dirnamlen=''
-i_dirent='define'
-i_ptem='undef'
-i_stdlib='define'
-i_string='define'
-strings='/usr/include/string.h'
-i_sysdir='define'
-d_voidtty=''
-i_bsdioctl=''
-i_sysfilio='undef'
-i_sysioctl='define'
-i_syssockio=''
-i_sysndir='undef'
-i_sgtty='undef'
-i_termio='undef'
-i_termios='define'
-i_systime='define'
-i_time='define'
-i_unistd='define'
-i_vfork='undef'
-ispell_options='-x'
-ispell_prg='/usr/bin/ispell'
-libc='/usr/lib64/libc.a'
-plibpth='/usr/ccs/lib64 /usr/lib64 /usr/ucblib64 /usr/local/lib64'
-xlibpth='/usr/lib64/x86_64 /lib64/x86_64'
-libs=' '
-citydist='none'
-cntrydist='none'
-contdist='none'
-locdist='none'
-multistatedist='none'
-orgdist='none'
-statedist='none'
-mailer='/usr/sbin/sendmail'
-mailfile='/var/spool/mail/%L'
-installmansrc='/usr/man/man1'
-manext='1'
-mansrc='/usr/man/man1'
-mansrcexp='/usr/man/man1'
-mboxchar='F'
-c=''
-n='-n'
-d_berknames='define'
-d_passnames='define'
-d_usgnames='undef'
-nametype='bsd'
-inewsloc='/usr/bin/inews'
-newslib='/tmp'
-newslibexp='/tmp'
-newsspool='/tmp'
-orgname='/etc/organization'
-package='trn'
-spackage='Trn'
-pager='/bin/more'
-phost='/etc/HOSTNAME'
-phostcmd=''
-prefshell='/bin/bash'
-installprivlib='/usr/lib64/trn'
-privlib='/usr/lib64/trn'
-privlibexp='/usr/lib64/trn'
-rootid='0'
-sharpbang='#!'
-shsharp='true'
-spitshell='cat'
-startsh='#!/bin/sh'
-sysman='/usr/man/man1'
-d_usemt='define'
-d_useov='define'
-overviewdir='/tmp'
-threaddir='/tmp'
-trn_init='FALSE'
-trn_select='TRUE'
-nm_opt=''
-runnm='true'
-usenm='true'
-incpath=''
-mips=''
-mips_type=''
-usrinc='/usr/include'
-PATCHLEVEL="3.6 (20 Nov 1994)"
-CONFIG=true
diff --git a/source/n/trn/slack-desc b/source/n/trn/slack-desc
deleted file mode 100644
index b6e638850..000000000
--- a/source/n/trn/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-   |-----handy-ruler------------------------------------------------------|
-trn: trn (a threaded newsreader)
-trn:
-trn: A threaded news reader for reading a remote NNTP server.  Compiled to
-trn: use Overviews or mthreads, and to read news through your NNTP server.
-trn: Be sure to set NNTPSERVER in your /etc/profile or /etc/csh.login. 
-trn:
-trn:
-trn:
-trn:
-trn:
-trn:
diff --git a/source/n/trn/trn.SlackBuild b/source/n/trn/trn.SlackBuild
deleted file mode 100755
index 4857e5141..000000000
--- a/source/n/trn/trn.SlackBuild
+++ /dev/null
@@ -1,88 +0,0 @@
-#!/bin/sh
-
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#
-#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
-#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-
-VERSION=3.6
-BUILD=${BUILD:-2}
-
-# Automatically determine the architecture we're building on:
-if [ -z "$ARCH" ]; then
-  case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
-    arm*) export ARCH=arm ;;
-    # Unless $ARCH is already set, use uname -m for all other archs:
-       *) export ARCH=$( uname -m ) ;;
-  esac
-fi
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-trn
-
-rm -rf $PKG
-mkdir -p $TMP $PKG
-
-# Explode the package framework:
-cd $PKG
-explodepkg $CWD/_trn.tar.gz
-
-echo "+============================================+"
-echo "| trn-$VERSION for NNTP (with mthreads/Overviews) |"
-echo "+============================================+"
-cd $TMP
-rm -rf trn-$VERSION
-tar xvf $CWD/trn-$VERSION.tar.gz || exit 1
-cd trn-$VERSION || exit 1
-#zcat $CWD/trn-$VERSION.nntp.diff.gz | patch -p1
-if [ "$ARCH" = "x86_64" ]; then
-  zcat $CWD/config.x86_64.sh.gz > config.sh
-else
-  zcat $CWD/config.sh.gz > config.sh
-fi
-# Here, just take the defaults.  If you get a "whoa there!", use
-# the newly detected value, not the old one.
-./Configure -f config.sh
-
-make clean
-make || exit 1
-
-cat Pnews > $PKG/usr/bin/Pnews
-cat Rnmail > $PKG/usr/bin/Rnmail
-cat newsetup > $PKG/usr/bin/newsetup
-cat newsgroups > $PKG/usr/bin/newsgroups
-cat nntplist > $PKG/usr/bin/nntplist
-cat trn > $PKG/usr/bin/trn
-cat trn-artchk > $PKG/usr/bin/trn-artchk
-cat trn > $PKG/usr/bin/trn
-cat Pnews.1 | gzip -9c > $PKG/usr/man/man1/Pnews.1.gz
-cat Rnmail.1 | gzip -9c > $PKG/usr/man/man1/Rnmail.1.gz
-cat newsetup.1 | gzip -9c > $PKG/usr/man/man1/newsetup.1.gz
-cat newsgroups.1 | gzip -9c > $PKG/usr/man/man1/newsgroups.1.gz
-cat trn.1 | gzip -9c > $PKG/usr/man/man1/trn.1.gz
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-
-# Build the package:
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/trn-$VERSION-$ARCH-$BUILD.txz
-
diff --git a/source/n/ulogd/slack-desc b/source/n/ulogd/slack-desc
index ce1298f9e..4aa1c5e95 100644
--- a/source/n/ulogd/slack-desc
+++ b/source/n/ulogd/slack-desc
@@ -2,18 +2,18 @@
 # The "handy ruler" below makes it easier to edit a package description.
 # Line up the first '|' above the ':' following the base package name, and
 # the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct.  It's also
+# You must make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':' except on otherwise blank lines.
 
      |-----handy-ruler------------------------------------------------------|
 ulogd: ulogd (Userspace Logging Daemon)
 ulogd:
 ulogd: ulogd is a userspace logging daemon for netfilter/iptables related 
-ulogd: logging.  This includes per-packet logging of security violations, 
+ulogd: logging. This includes per-packet logging of security violations, 
 ulogd: per-packet logging for accounting, per-flow logging and flexible 
 ulogd: user-defined accounting. 
 ulogd:
-ulogd:
+ulogd: Homepage: https://www.netfilter.org/projects/ulogd/index.html
 ulogd:
 ulogd:
 ulogd:
diff --git a/source/n/ulogd/ulogd.SlackBuild b/source/n/ulogd/ulogd.SlackBuild
index 3dac90826..1ffd08223 100755
--- a/source/n/ulogd/ulogd.SlackBuild
+++ b/source/n/ulogd/ulogd.SlackBuild
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 # Slackware build script for ulogd
 
@@ -22,8 +22,10 @@
 # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=ulogd
-VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -38,7 +40,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -56,13 +65,11 @@ else
   LIBDIRSUFFIX=""
 fi
 
-set -e
-
 rm -rf $PKG 
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf $PKGNAM-$VERSION
-tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
 cd $PKGNAM-$VERSION || exit 1
 chown -R root:root .
 chmod -R a-s,u+w,go+r-w .
@@ -80,10 +87,10 @@ CFLAGS="$SLKCFLAGS" \
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
 
-cd doc
+( cd doc
   sgml2txt ulogd.sgml
   sgml2html -s 0 ulogd.sgml
-cd ..
+)
 
 find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \
   grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
diff --git a/source/n/uucp/slack-desc b/source/n/uucp/slack-desc
index a54bccae4..152214d09 100644
--- a/source/n/uucp/slack-desc
+++ b/source/n/uucp/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/uucp/uucp.SlackBuild b/source/n/uucp/uucp.SlackBuild
index c45109d64..f749bac80 100755
--- a/source/n/uucp/uucp.SlackBuild
+++ b/source/n/uucp/uucp.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,21 +20,32 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=uucp
 VERSION=1.07
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -43,7 +54,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-uucp
 
diff --git a/source/n/vlan/slack-desc b/source/n/vlan/slack-desc
index 23dcc65d0..717184e05 100644
--- a/source/n/vlan/slack-desc
+++ b/source/n/vlan/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
 vlan: vlan (VLAN (802.1q) configuration program)
 vlan:
 vlan: The vlan package contains the vconfig program, which allows you to
-vlan: create and remove VLAN devices on a VLAN enabled kernel.  VLAN
+vlan: create and remove VLAN devices on a VLAN enabled kernel. VLAN
 vlan: devices are virtual Ethernet devices which represent virtual LANs on
 vlan: the physical LAN.
 vlan:
diff --git a/source/n/vlan/vlan.SlackBuild b/source/n/vlan/vlan.SlackBuild
index 63f4d53f4..165cd840b 100755
--- a/source/n/vlan/vlan.SlackBuild
+++ b/source/n/vlan/vlan.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,20 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=vlan
 VERSION=1.9
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-vlan
 
diff --git a/source/n/vsftpd/0021-Introduce-support-for-DHE-based-cipher-suites.patch b/source/n/vsftpd/0021-Introduce-support-for-DHE-based-cipher-suites.patch
new file mode 100644
index 000000000..ad7e5bae5
--- /dev/null
+++ b/source/n/vsftpd/0021-Introduce-support-for-DHE-based-cipher-suites.patch
@@ -0,0 +1,226 @@
+From 4eac1dbb5f70a652d31847eec7c28d245f36cdbb Mon Sep 17 00:00:00 2001
+From: Martin Sehnoutka <msehnout@redhat.com>
+Date: Thu, 17 Nov 2016 10:48:28 +0100
+Subject: [PATCH 21/33] Introduce support for DHE based cipher suites.
+
+---
+ parseconf.c   |  1 +
+ ssl.c         | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
+ tunables.c    |  5 +++-
+ tunables.h    |  1 +
+ vsftpd.conf.5 |  6 ++++
+ 5 files changed, 104 insertions(+), 2 deletions(-)
+
+diff --git a/parseconf.c b/parseconf.c
+index 3e0dba4..38e3182 100644
+--- a/parseconf.c
++++ b/parseconf.c
+@@ -176,6 +176,7 @@ parseconf_str_array[] =
+   { "email_password_file", &tunable_email_password_file },
+   { "rsa_cert_file", &tunable_rsa_cert_file },
+   { "dsa_cert_file", &tunable_dsa_cert_file },
++  { "dh_param_file", &tunable_dh_param_file },
+   { "ssl_ciphers", &tunable_ssl_ciphers },
+   { "rsa_private_key_file", &tunable_rsa_private_key_file },
+   { "dsa_private_key_file", &tunable_dsa_private_key_file },
+diff --git a/ssl.c b/ssl.c
+index c362983..22b69b3 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -28,6 +28,8 @@
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+ #include <openssl/bio.h>
++#include <openssl/dh.h>
++#include <openssl/bn.h>
+ #include <errno.h>
+ #include <limits.h>
+ 
+@@ -38,6 +40,7 @@ static void setup_bio_callbacks();
+ static long bio_callback(
+   BIO* p_bio, int oper, const char* p_arg, int argi, long argl, long retval);
+ static int ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx);
++static DH *ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength);
+ static int ssl_cert_digest(
+   SSL* p_ssl, struct vsf_session* p_sess, struct mystr* p_str);
+ static void maybe_log_shutdown_state(struct vsf_session* p_sess);
+@@ -51,6 +54,60 @@ static int ssl_read_common(struct vsf_session* p_sess,
+ static int ssl_inited;
+ static struct mystr debug_str;
+ 
++
++// Grab prime number from OpenSSL; <openssl/bn.h>
++// (get_rfc*) for all available primes.
++// wraps selection of comparable algorithm strength
++#if !defined(match_dh_bits)
++  #define match_dh_bits(keylen) \
++    keylen >= 8191 ? 8192 : \
++    keylen >= 6143 ? 6144 : \
++    keylen >= 4095 ? 4096 : \
++    keylen >= 3071 ? 3072 : \
++    keylen >= 2047 ? 2048 : \
++    keylen >= 1535 ? 1536 : \
++    keylen >= 1023 ? 1024 : 768
++#endif
++
++#if !defined(DH_get_prime)
++  BIGNUM *
++  DH_get_prime(int bits)
++  {
++    switch (bits) {
++      case 768:  return get_rfc2409_prime_768(NULL);
++      case 1024: return get_rfc2409_prime_1024(NULL);
++      case 1536: return get_rfc3526_prime_1536(NULL);
++      case 2048: return get_rfc3526_prime_2048(NULL);
++      case 3072: return get_rfc3526_prime_3072(NULL);
++      case 4096: return get_rfc3526_prime_4096(NULL);
++      case 6144: return get_rfc3526_prime_6144(NULL);
++      case 8192: return get_rfc3526_prime_8192(NULL);
++      // shouldn't happen when used match_dh_bits; strict compiler
++      default:   return NULL;
++    }
++}
++#endif
++
++#if !defined(DH_get_dh)
++  // Grab DH parameters
++  DH *
++  DH_get_dh(int size)
++  {
++    DH *dh = DH_new();
++    if (!dh) {
++      return NULL;
++    }
++    dh->p = DH_get_prime(match_dh_bits(size));
++    BN_dec2bn(&dh->g, "2");
++    if (!dh->p || !dh->g)
++    {
++      DH_free(dh);
++      return NULL;
++    }
++    return dh;
++  }
++#endif
++
+ void
+ ssl_init(struct vsf_session* p_sess)
+ {
+@@ -65,7 +122,7 @@ ssl_init(struct vsf_session* p_sess)
+     {
+       die("SSL: could not allocate SSL context");
+     }
+-    options = SSL_OP_ALL;
++    options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
+     if (!tunable_sslv2)
+     {
+       options |= SSL_OP_NO_SSLv2;
+@@ -111,6 +168,25 @@ ssl_init(struct vsf_session* p_sess)
+         die("SSL: cannot load DSA private key");
+       }
+     }
++    if (tunable_dh_param_file)
++    {
++      BIO *bio;
++      DH *dhparams = NULL;
++      if ((bio = BIO_new_file(tunable_dh_param_file, "r")) == NULL)
++      {
++        die("SSL: cannot load custom DH params");
++      }
++      else
++      {
++        dhparams = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
++        BIO_free(bio);
++
++        if (!SSL_CTX_set_tmp_dh(p_ctx, dhparams))
++	{
++          die("SSL: setting custom DH params failed");
++	}
++      }
++    }
+     if (tunable_ssl_ciphers &&
+         SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
+     {
+@@ -165,6 +241,9 @@ ssl_init(struct vsf_session* p_sess)
+       /* Ensure cached session doesn't expire */
+       SSL_CTX_set_timeout(p_ctx, INT_MAX);
+     }
++    
++    SSL_CTX_set_tmp_dh_callback(p_ctx, ssl_tmp_dh_callback);
++
+     p_sess->p_ssl_ctx = p_ctx;
+     ssl_inited = 1;
+   }
+@@ -702,6 +781,18 @@ ssl_verify_callback(int verify_ok, X509_STORE_CTX* p_ctx)
+   return 1;
+ }
+ 
++#define UNUSED(x) ( (void)(x) )
++
++static DH *
++ssl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
++{
++  // strict compiler bypassing
++  UNUSED(ssl);
++  UNUSED(is_export);
++  
++  return DH_get_dh(keylength);
++}
++
+ void
+ ssl_add_entropy(struct vsf_session* p_sess)
+ {
+diff --git a/tunables.c b/tunables.c
+index c737465..1ea7227 100644
+--- a/tunables.c
++++ b/tunables.c
+@@ -140,6 +140,7 @@ const char* tunable_user_sub_token;
+ const char* tunable_email_password_file;
+ const char* tunable_rsa_cert_file;
+ const char* tunable_dsa_cert_file;
++const char* tunable_dh_param_file;
+ const char* tunable_ssl_ciphers;
+ const char* tunable_rsa_private_key_file;
+ const char* tunable_dsa_private_key_file;
+@@ -288,7 +289,9 @@ tunables_load_defaults()
+   install_str_setting("/usr/share/ssl/certs/vsftpd.pem",
+                       &tunable_rsa_cert_file);
+   install_str_setting(0, &tunable_dsa_cert_file);
+-  install_str_setting("ECDHE-RSA-AES256-GCM-SHA384", &tunable_ssl_ciphers);
++  install_str_setting(0, &tunable_dh_param_file);
++  install_str_setting("AES128-SHA:DES-CBC3-SHA:DHE-RSA-AES256-SHA",
++                      &tunable_ssl_ciphers);
+   install_str_setting(0, &tunable_rsa_private_key_file);
+   install_str_setting(0, &tunable_dsa_private_key_file);
+   install_str_setting(0, &tunable_ca_certs_file);
+diff --git a/tunables.h b/tunables.h
+index 9553038..3995472 100644
+--- a/tunables.h
++++ b/tunables.h
+@@ -142,6 +142,7 @@ extern const char* tunable_user_sub_token;
+ extern const char* tunable_email_password_file;
+ extern const char* tunable_rsa_cert_file;
+ extern const char* tunable_dsa_cert_file;
++extern const char* tunable_dh_param_file;
+ extern const char* tunable_ssl_ciphers;
+ extern const char* tunable_rsa_private_key_file;
+ extern const char* tunable_dsa_private_key_file;
+diff --git a/vsftpd.conf.5 b/vsftpd.conf.5
+index fb6324e..ff94eca 100644
+--- a/vsftpd.conf.5
++++ b/vsftpd.conf.5
+@@ -893,6 +893,12 @@ to be in the same file as the certificate.
+ 
+ Default: (none)
+ .TP
++.B dh_param_file
++This option specifies the location of the custom parameters used for
++ephemeral Diffie-Hellman key exchange in SSL.
++
++Default: (none - use built in parameters appropriate for certificate key size)
++.TP
+ .B email_password_file
+ This option can be used to provide an alternate file for usage by the
+ .BR secure_email_list_enable
+-- 
+2.7.4
+
diff --git a/source/n/vsftpd/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch b/source/n/vsftpd/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch
new file mode 100644
index 000000000..ab3f35c0f
--- /dev/null
+++ b/source/n/vsftpd/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch
@@ -0,0 +1,74 @@
+From 6c8dd87f311e411bcb1c72c1c780497881a5621c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
+Date: Mon, 4 Sep 2017 11:32:03 +0200
+Subject: [PATCH 35/35] Modify DH enablement patch to build with OpenSSL 1.1
+
+---
+ ssl.c | 41 ++++++++++++++++++++++++++++++++++++++---
+ 1 file changed, 38 insertions(+), 3 deletions(-)
+
+diff --git a/ssl.c b/ssl.c
+index ba8a613..09ec96a 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -88,19 +88,54 @@ static struct mystr debug_str;
+ }
+ #endif
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++  /* If the fields p and g in d are NULL, the corresponding input
++   * parameters MUST be non-NULL.  q may remain NULL.
++   */
++  if ((dh->p == NULL && p == NULL)
++      || (dh->g == NULL && g == NULL))
++    return 0;
++
++  if (p != NULL) {
++    BN_free(dh->p);
++    dh->p = p;
++  }
++  if (q != NULL) {
++    BN_free(dh->q);
++    dh->q = q;
++  }
++  if (g != NULL) {
++    BN_free(dh->g);
++    dh->g = g;
++  }
++
++  if (q != NULL) {
++    dh->length = BN_num_bits(q);
++  }
++
++  return 1;
++}
++#endif
++
+ #if !defined(DH_get_dh)
+   // Grab DH parameters
+   DH *
+   DH_get_dh(int size)
+   {
++    BIGNUM *g = NULL;
++    BIGNUM *p = NULL;
+     DH *dh = DH_new();
+     if (!dh) {
+       return NULL;
+     }
+-    dh->p = DH_get_prime(match_dh_bits(size));
+-    BN_dec2bn(&dh->g, "2");
+-    if (!dh->p || !dh->g)
++    p = DH_get_prime(match_dh_bits(size));
++    BN_dec2bn(&g, "2");
++    if (!p || !g || !DH_set0_pqg(dh, p, NULL, g))
+     {
++      BN_free(g);
++      BN_free(p);
+       DH_free(dh);
+       return NULL;
+     }
+-- 
+2.9.5
+
diff --git a/source/n/vsftpd/slack-desc b/source/n/vsftpd/slack-desc
index cc4b231ea..f076e1a20 100644
--- a/source/n/vsftpd/slack-desc
+++ b/source/n/vsftpd/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
       |-----handy-ruler------------------------------------------------------|
diff --git a/source/n/vsftpd/vsftpd.SlackBuild b/source/n/vsftpd/vsftpd.SlackBuild
index f03206b67..6c38886a3 100755
--- a/source/n/vsftpd/vsftpd.SlackBuild
+++ b/source/n/vsftpd/vsftpd.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2016, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,9 +20,11 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=vsftpd
 VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-3}
+BUILD=${BUILD:-5}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
@@ -36,13 +38,20 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "x86_64" ]; then
   LIBDIRSUFFIX="64"
 else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-vsftpd
 
@@ -64,6 +73,11 @@ zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1
 zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1
 zcat $CWD/vsftpd.crypt.diff.gz | patch -p1 --verbose || exit 1
 
+# Support OpenSSL 1.1.x:
+zcat $CWD/0021-Introduce-support-for-DHE-based-cipher-suites.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/0035-Modify-DH-enablement-patch-to-build-with-OpenSSL-1.1.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/vsftpd.link-with-openssl-1.1.diff.gz | patch -p1 --verbose || exit 1
+
 make $NUMJOBS || make || exit 1
 
 mkdir -p $PKG/usr/sbin
diff --git a/source/n/vsftpd/vsftpd.link-with-openssl-1.1.diff b/source/n/vsftpd/vsftpd.link-with-openssl-1.1.diff
new file mode 100644
index 000000000..2ef819a58
--- /dev/null
+++ b/source/n/vsftpd/vsftpd.link-with-openssl-1.1.diff
@@ -0,0 +1,16 @@
+--- ./vsf_findlibs.sh.orig	2012-03-27 21:17:41.000000000 -0500
++++ ./vsf_findlibs.sh	2018-05-07 16:10:58.744003755 -0500
+@@ -68,10 +68,10 @@
+ # Solaris sendfile
+ locate_library /usr/lib/libsendfile.so && echo "-lsendfile";
+ 
+-# OpenSSL
+-if find_func SSL_library_init ssl.o; then
++# Always link with OpenSSL:
++#if find_func SSL_library_init ssl.o; then
+   echo "-lssl -lcrypto";
+-fi
++#fi
+ 
+ exit 0;
+ 
diff --git a/source/n/wget/slack-desc b/source/n/wget/slack-desc
index d023ea373..9ec9e0f70 100644
--- a/source/n/wget/slack-desc
+++ b/source/n/wget/slack-desc
@@ -1,8 +1,8 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
     |-----handy-ruler------------------------------------------------------|
@@ -10,7 +10,7 @@ wget: wget (a non-interactive network retriever)
 wget:
 wget: GNU Wget is a free network utility to retrieve files from the 
 wget: World Wide Web using HTTP and FTP, the two most widely used Internet
-wget: protocols.  It works non-interactively, thus enabling work in the
+wget: protocols. It works non-interactively, thus enabling work in the
 wget: background after having logged off.
 wget:
 wget: The author of Wget is Hrvoje Niksic <hniksic@srce.hr>.
diff --git a/source/n/wget/wget.SlackBuild b/source/n/wget/wget.SlackBuild
index 39c0c54ca..0d15aab3a 100755
--- a/source/n/wget/wget.SlackBuild
+++ b/source/n/wget/wget.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,8 +20,10 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
-VERSION=${VERSION:-$(echo wget-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
+PKGNAM=wget
+VERSION=${VERSION:-$(echo wget-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 BUILD=${BUILD:-1}
 
 NUMJOBS=${NUMJOBS:-" -j7 "}
@@ -36,8 +38,16 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-if [ "$ARCH" = "i386" ]; then
-  SLKCFLAGS="-O2 -march=i386 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
 elif [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
@@ -48,7 +58,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-wget
 
@@ -56,7 +65,7 @@ rm -rf $PKG
 mkdir -p $TMP $PKG
 cd $TMP
 rm -rf wget-$VERSION
-tar xvf $CWD/wget-$VERSION.tar.xz || exit 1
+tar xvf $CWD/wget-$VERSION.tar.?z || exit 1
 cd wget-$VERSION
 
 chown -R root:root .
diff --git a/source/n/whois/slack-desc b/source/n/whois/slack-desc
index a357ec064..bac818d65 100644
--- a/source/n/whois/slack-desc
+++ b/source/n/whois/slack-desc
@@ -1,19 +1,19 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|' on
-# the right side marks the last column you can put a character in.  You must make
-# exactly 11 lines for the formatting to be correct.  It's also customary to
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
 # leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 whois: whois (whois directory client)
 whois:
 whois: This is an enhanced whois (RFC 954) client derived from the BSD and
-whois: RIPE whois programs.  It can automatically select the appropriate
+whois: RIPE whois programs. It can automatically select the appropriate
 whois: whois server for most queries.
 whois:
-whois: This version of whois was written by Marco d'Itri
-whois: For more information, see:  http://www.linux.it/~md/software/
+whois: This version of whois was written by Marco d'Itri.
+whois: For more information, see: http://www.linux.it/~md/software/
 whois:
 whois:
 whois:
diff --git a/source/n/whois/whois.SlackBuild b/source/n/whois/whois.SlackBuild
index b2c02cbe0..8485fe7a7 100755
--- a/source/n/whois/whois.SlackBuild
+++ b/source/n/whois/whois.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2011, 2017, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,6 +20,8 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=whois
 VERSION=${VERSION:-$(echo ${PKGNAM}_*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d _ | rev)}
 BUILD=${BUILD:-1}
@@ -33,7 +35,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
-CWD=$(pwd)
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-whois
 
@@ -50,7 +59,7 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
-make HAVE_LIBIDN=y || exit
+make HAVE_LIBIDN2=y || exit
 make install install-pos BASEDIR=$PKG || exit 1
 
 mv $PKG/usr/share/man $PKG/usr
@@ -62,9 +71,6 @@ for i in $( find $PKG/usr/man -type l ) ; do
   rm $i
 done
 
-# Remove mkpasswd stuff:
-find $PKG -iname "mkpasswd*" -exec rm -f {} \;
-
 mkdir -p $PKG/usr/doc/whois-$VERSION
 cp -a \
   COPYING* README* \
diff --git a/source/n/wireless-tools/slack-desc b/source/n/wireless-tools/slack-desc
deleted file mode 100644
index 7b2ca529b..000000000
--- a/source/n/wireless-tools/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-              |-----handy-ruler------------------------------------------------------|
-wireless-tools: wireless-tools (utilities for wireless networking)
-wireless-tools:
-wireless-tools: This package contains tools and a library used for configuring
-wireless-tools: wireless networking interfaces:
-wireless-tools:   iwconfig (the main wireless tool),  iwlist (display more detailed
-wireless-tools:   information than iwconfig),  iwspy (get stats per MAC address and
-wireless-tools:   more),  iwpriv (set driver private ioctls),  iwgetid (show the
-wireless-tools:   ESSID or NWID of a device),  iwevent (display wireless events),
-wireless-tools:   ifrename (rename a network interface).
-wireless-tools:
-wireless-tools: The wireless-tools were written by Jean Tourrilhes.
diff --git a/source/n/wireless-tools/doinst.sh b/source/n/wireless_tools/doinst.sh
index ec61a630a..ec61a630a 100644
--- a/source/n/wireless-tools/doinst.sh
+++ b/source/n/wireless_tools/doinst.sh
diff --git a/source/n/wireless-tools/scripts/rc.wireless b/source/n/wireless_tools/scripts/rc.wireless
index d1264a1fc..e7a35b893 100644
--- a/source/n/wireless-tools/scripts/rc.wireless
+++ b/source/n/wireless_tools/scripts/rc.wireless
@@ -47,7 +47,7 @@
 # 16/apr/2008 * Pat Volkerding * Make sure that HWADDR is all upper case.
 # 23/apr/2008 * Pat Volkerding * Increase sleep time after bringing up an
 #                                interface to 3 seconds.  Some drivers
-#                                need this additional time to initialize.
+#                                need this additional time to initalize.
 # 02/jan/2010 * Pat Volkerding * Look for /sys/class/net/$NETDEV/wireless rather
 #                                than the contents of /proc/net/wireless to find
 #                                if a network device is wireless.  In newer
@@ -84,7 +84,7 @@ done
 IWCOMMAND="$IWPATH/iwconfig ${INTERFACE}"
 IWPRIVCMD="$IWPATH/iwpriv ${INTERFACE}"
 IWSPYCMD="$IWPATH/iwspy ${INTERFACE}"
-IFCOMMAND="/sbin/ifconfig ${INTERFACE}"
+IFCOMMAND="/sbin/ip link set dev ${INTERFACE}"
 
 is_wireless_device ()
 {
@@ -124,7 +124,7 @@ $IFCOMMAND up
 sleep 3
 
 # Get the MAC address for the interface
-HWADDR=$(/sbin/ifconfig ${INTERFACE} | sed -ne 's/.*\(..:..:..:..:..:..\).*/\U\1/p')
+HWADDR=$(/sbin/ip link show dev ${INTERFACE} | sed -ne 's/.*link\/ether \(..:..:..:..:..:..\).*/\U\1/p') 
 
 # Empty all wireless parameters- some of them could still be set for a previous interface:
 # when rc.inet1 is sourced from rc.M all scripts are run in the same shell.
diff --git a/source/n/wireless-tools/scripts/rc.wireless.conf b/source/n/wireless_tools/scripts/rc.wireless.conf
index d02d7c2cc..5c611207c 100644
--- a/source/n/wireless-tools/scripts/rc.wireless.conf
+++ b/source/n/wireless_tools/scripts/rc.wireless.conf
@@ -6,7 +6,8 @@
 # card inserted, the *first* block matching the card is used.
 # The address format is "hwaddr", with * as a wildcard.
 # 'hwaddr' is the unique MAC address identifier of the wireless card.
-# The MAC address is usually printed on the card, or can be found via ifconfig.
+# The MAC address is usually printed on the card, or can be found via 
+# "/sbin/ip link show dev $interface"
 # Some examples here use only half of the MAC address with a wildcard to
 # match a whole family of cards...
 #
diff --git a/source/n/wireless_tools/slack-desc b/source/n/wireless_tools/slack-desc
new file mode 100644
index 000000000..fb2e86da0
--- /dev/null
+++ b/source/n/wireless_tools/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+              |-----handy-ruler------------------------------------------------------|
+wireless_tools: wireless_tools (utilities for wireless networking)
+wireless_tools:
+wireless_tools: This package contains tools and a library used for configuring
+wireless_tools: wireless networking interfaces:
+wireless_tools:  iwconfig (the main wireless tool),  iwlist (display more detailed
+wireless_tools:  information than iwconfig),  iwspy (get stats per MAC address and
+wireless_tools:  more),  iwpriv (set driver private ioctls),  iwgetid (show the
+wireless_tools:  ESSID or NWID of a device),  iwevent (display wireless events),
+wireless_tools:  ifrename (rename a network interface).
+wireless_tools:
+wireless_tools: The wireless_tools were written by Jean Tourrilhes.
diff --git a/source/n/wireless-tools/wireless_tools.SlackBuild b/source/n/wireless_tools/wireless_tools.SlackBuild
index 21607d3dd..48ffa8ca9 100755
--- a/source/n/wireless-tools/wireless_tools.SlackBuild
+++ b/source/n/wireless_tools/wireless_tools.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2012  Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2008, 2009, 2010, 2012, 2018  Patrick J. Volkerding, Sebeka, Minnesota, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,29 +20,38 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
+PKGNAM=wireless_tools
 VERSION=29
-BUILD=${BUILD:-9}
+BUILD=${BUILD:-12}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "x86_64" ]; then
   LIBDIRSUFFIX="64"
 else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
-PKG=$TMP/package-wireless-tools
+PKG=$TMP/package-wireless_tools
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
@@ -85,11 +94,11 @@ for file in *.8 ; do
   cat $file | gzip -9c > $PKG/usr/man/man8/$file.gz
 done
 
-mkdir -p $PKG/usr/doc/wireless-tools-$VERSION
+mkdir -p $PKG/usr/doc/wireless_tools-$VERSION
 cp -a \
   COPYING INSTALL *.txt README* \
-  $PKG/usr/doc/wireless-tools-$VERSION
-chmod 644 $PKG/usr/doc/wireless-tools-$VERSION/*
+  $PKG/usr/doc/wireless_tools-$VERSION
+chmod 644 $PKG/usr/doc/wireless_tools-$VERSION/*
 
 # Add init scripts from Eric Hameleers:
 mkdir -p $PKG/etc/rc.d
@@ -104,5 +113,5 @@ cat $CWD/slack-desc > $PKG/install/slack-desc
 zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
 
 cd $PKG
-/sbin/makepkg -l y -c n $TMP/wireless-tools-$VERSION-$ARCH-$BUILD.txz
+/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz
 
diff --git a/source/n/wireless-tools/wireless_tools.nowhine.diff b/source/n/wireless_tools/wireless_tools.nowhine.diff
index 71d4d16fa..71d4d16fa 100644
--- a/source/n/wireless-tools/wireless_tools.nowhine.diff
+++ b/source/n/wireless_tools/wireless_tools.nowhine.diff
diff --git a/source/n/wireless-tools/wireless_tools.static.diff b/source/n/wireless_tools/wireless_tools.static.diff
index 71f4ec3fa..71f4ec3fa 100644
--- a/source/n/wireless-tools/wireless_tools.static.diff
+++ b/source/n/wireless_tools/wireless_tools.static.diff
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
new file mode 100644
index 000000000..727684865
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
@@ -0,0 +1,174 @@
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
+---
+ src/ap/ieee802_11.c  | 16 +++++++++++++---
+ src/ap/wpa_auth.c    | 11 +++++++++++
+ src/ap/wpa_auth.h    |  3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++++++++++
+ src/ap/wpa_auth_i.h  |  1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
++++ b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+ 	struct ieee80211_ht_capabilities ht_cap;
+ 	struct ieee80211_vht_capabilities vht_cap;
++	int set = 1;
+ 
+ 	/*
+ 	 * Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ 	 * FT-over-the-DS, where a station re-associates back to the same AP but
+ 	 * skips the authentication flow, or if working with a driver that
+ 	 * does not support full AP client state.
++	 *
++	 * Skip this if the STA has already completed FT reassociation and the
++	 * TK has been configured since the TX/RX PN must not be reset to 0 for
++	 * the same key.
+ 	 */
+-	if (!sta->added_unassoc)
++	if (!sta->added_unassoc &&
++	    (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++	     !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+ 		hostapd_drv_sta_remove(hapd, sta->addr);
++		wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++		set = 0;
++	}
+ 
+ #ifdef CONFIG_IEEE80211N
+ 	if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ 			    sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
+ 			    sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
+ 			    sta->vht_opmode, sta->p2p_ie ? 1 : 0,
+-			    sta->added_unassoc)) {
++			    set)) {
+ 		hostapd_logger(hapd, sta->addr,
+ 			       HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_NOTICE,
+ 			       "Could not %s STA to kernel driver",
+-			       sta->added_unassoc ? "set" : "add");
++			       set ? "set" : "add");
+ 
+ 		if (sta->added_unassoc) {
+ 			hostapd_drv_sta_remove(hapd, sta->addr);
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 3587086..707971d 100644
+--- a/src/ap/wpa_auth.c
++++ b/src/ap/wpa_auth.c
+@@ -1745,6 +1745,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event)
+ #else /* CONFIG_IEEE80211R */
+ 		break;
+ #endif /* CONFIG_IEEE80211R */
++	case WPA_DRV_STA_REMOVED:
++		sm->tk_already_set = FALSE;
++		return 0;
+ 	}
+ 
+ #ifdef CONFIG_IEEE80211R
+@@ -3250,6 +3253,14 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm)
+ }
+ 
+ 
++int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
++{
++	if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
++		return 0;
++	return sm->tk_already_set;
++}
++
++
+ int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
+ 			     struct rsn_pmksa_cache_entry *entry)
+ {
+diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
+index 0de8d97..97461b0 100644
+--- a/src/ap/wpa_auth.h
++++ b/src/ap/wpa_auth.h
+@@ -267,7 +267,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
+ 		 u8 *data, size_t data_len);
+ enum wpa_event {
+ 	WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
+-	WPA_REAUTH_EAPOL, WPA_ASSOC_FT
++	WPA_REAUTH_EAPOL, WPA_ASSOC_FT, WPA_DRV_STA_REMOVED
+ };
+ void wpa_remove_ptk(struct wpa_state_machine *sm);
+ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum wpa_event event);
+@@ -280,6 +280,7 @@ int wpa_auth_pairwise_set(struct wpa_state_machine *sm);
+ int wpa_auth_get_pairwise(struct wpa_state_machine *sm);
+ int wpa_auth_sta_key_mgmt(struct wpa_state_machine *sm);
+ int wpa_auth_sta_wpa_version(struct wpa_state_machine *sm);
++int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm);
+ int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
+ 			     struct rsn_pmksa_cache_entry *entry);
+ struct rsn_pmksa_cache_entry *
+diff --git a/src/ap/wpa_auth_ft.c b/src/ap/wpa_auth_ft.c
+index 42242a5..e63b99a 100644
+--- a/src/ap/wpa_auth_ft.c
++++ b/src/ap/wpa_auth_ft.c
+@@ -780,6 +780,14 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
+ 		return;
+ 	}
+ 
++	if (sm->tk_already_set) {
++		/* Must avoid TK reconfiguration to prevent clearing of TX/RX
++		 * PN in the driver */
++		wpa_printf(MSG_DEBUG,
++			   "FT: Do not re-install same PTK to the driver");
++		return;
++	}
++
+ 	/* FIX: add STA entry to kernel/driver here? The set_key will fail
+ 	 * most likely without this.. At the moment, STA entry is added only
+ 	 * after association has been completed. This function will be called
+@@ -792,6 +800,7 @@ void wpa_ft_install_ptk(struct wpa_state_machine *sm)
+ 
+ 	/* FIX: MLME-SetProtection.Request(TA, Tx_Rx) */
+ 	sm->pairwise_set = TRUE;
++	sm->tk_already_set = TRUE;
+ }
+ 
+ 
+@@ -898,6 +907,7 @@ static int wpa_ft_process_auth_req(struct wpa_state_machine *sm,
+ 
+ 	sm->pairwise = pairwise;
+ 	sm->PTK_valid = TRUE;
++	sm->tk_already_set = FALSE;
+ 	wpa_ft_install_ptk(sm);
+ 
+ 	buflen = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
+diff --git a/src/ap/wpa_auth_i.h b/src/ap/wpa_auth_i.h
+index 72b7eb3..7fd8f05 100644
+--- a/src/ap/wpa_auth_i.h
++++ b/src/ap/wpa_auth_i.h
+@@ -65,6 +65,7 @@ struct wpa_state_machine {
+ 	struct wpa_ptk PTK;
+ 	Boolean PTK_valid;
+ 	Boolean pairwise_set;
++	Boolean tk_already_set;
+ 	int keycount;
+ 	Boolean Pair;
+ 	struct wpa_key_replay_counter {
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
new file mode 100644
index 000000000..1802d664a
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
@@ -0,0 +1,250 @@
+From 927f891007c402fefd1ff384645b3f07597c3ede Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
+Date: Wed, 12 Jul 2017 16:03:24 +0200
+Subject: [PATCH 2/8] Prevent reinstallation of an already in-use group key
+
+Track the current GTK and IGTK that is in use and when receiving a
+(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
+not install the given key if it is already in use. This prevents an
+attacker from trying to trick the client into resetting or lowering the
+sequence counter associated to the group key.
+
+Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
+---
+ src/common/wpa_common.h |  11 +++++
+ src/rsn_supp/wpa.c      | 116 ++++++++++++++++++++++++++++++------------------
+ src/rsn_supp/wpa_i.h    |   4 ++
+ 3 files changed, 87 insertions(+), 44 deletions(-)
+
+diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
+index af1d0f0..d200285 100644
+--- a/src/common/wpa_common.h
++++ b/src/common/wpa_common.h
+@@ -217,6 +217,17 @@ struct wpa_ptk {
+ 	size_t tk_len;
+ };
+ 
++struct wpa_gtk {
++	u8 gtk[WPA_GTK_MAX_LEN];
++	size_t gtk_len;
++};
++
++#ifdef CONFIG_IEEE80211W
++struct wpa_igtk {
++	u8 igtk[WPA_IGTK_MAX_LEN];
++	size_t igtk_len;
++};
++#endif /* CONFIG_IEEE80211W */
+ 
+ /* WPA IE version 1
+  * 00-50-f2:1 (OUI:OUI type)
+diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
+index 3c47879..95bd7be 100644
+--- a/src/rsn_supp/wpa.c
++++ b/src/rsn_supp/wpa.c
+@@ -714,6 +714,15 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
+ 	const u8 *_gtk = gd->gtk;
+ 	u8 gtk_buf[32];
+ 
++	/* Detect possible key reinstallation */
++	if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
++	    os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
++		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
++			"WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
++			gd->keyidx, gd->tx, gd->gtk_len);
++		return 0;
++	}
++
+ 	wpa_hexdump_key(MSG_DEBUG, "WPA: Group Key", gd->gtk, gd->gtk_len);
+ 	wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ 		"WPA: Installing GTK to the driver (keyidx=%d tx=%d len=%d)",
+@@ -748,6 +757,9 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
+ 	}
+ 	os_memset(gtk_buf, 0, sizeof(gtk_buf));
+ 
++	sm->gtk.gtk_len = gd->gtk_len;
++	os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
++
+ 	return 0;
+ }
+ 
+@@ -854,6 +866,48 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
+ }
+ 
+ 
++#ifdef CONFIG_IEEE80211W
++static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
++				       const struct wpa_igtk_kde *igtk)
++{
++	size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
++	u16 keyidx = WPA_GET_LE16(igtk->keyid);
++
++	/* Detect possible key reinstallation */
++	if (sm->igtk.igtk_len == len &&
++	    os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
++		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
++			"WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
++			keyidx);
++		return  0;
++	}
++
++	wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
++		"WPA: IGTK keyid %d pn %02x%02x%02x%02x%02x%02x",
++		keyidx, MAC2STR(igtk->pn));
++	wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK", igtk->igtk, len);
++	if (keyidx > 4095) {
++		wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
++			"WPA: Invalid IGTK KeyID %d", keyidx);
++		return -1;
++	}
++	if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
++			   broadcast_ether_addr,
++			   keyidx, 0, igtk->pn, sizeof(igtk->pn),
++			   igtk->igtk, len) < 0) {
++		wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
++			"WPA: Failed to configure IGTK to the driver");
++		return -1;
++	}
++
++	sm->igtk.igtk_len = len;
++	os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
++
++	return 0;
++}
++#endif /* CONFIG_IEEE80211W */
++
++
+ static int ieee80211w_set_keys(struct wpa_sm *sm,
+ 			       struct wpa_eapol_ie_parse *ie)
+ {
+@@ -864,30 +918,14 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
+ 	if (ie->igtk) {
+ 		size_t len;
+ 		const struct wpa_igtk_kde *igtk;
+-		u16 keyidx;
++
+ 		len = wpa_cipher_key_len(sm->mgmt_group_cipher);
+ 		if (ie->igtk_len != WPA_IGTK_KDE_PREFIX_LEN + len)
+ 			return -1;
++
+ 		igtk = (const struct wpa_igtk_kde *) ie->igtk;
+-		keyidx = WPA_GET_LE16(igtk->keyid);
+-		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG, "WPA: IGTK keyid %d "
+-			"pn %02x%02x%02x%02x%02x%02x",
+-			keyidx, MAC2STR(igtk->pn));
+-		wpa_hexdump_key(MSG_DEBUG, "WPA: IGTK",
+-				igtk->igtk, len);
+-		if (keyidx > 4095) {
+-			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+-				"WPA: Invalid IGTK KeyID %d", keyidx);
+-			return -1;
+-		}
+-		if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
+-				   broadcast_ether_addr,
+-				   keyidx, 0, igtk->pn, sizeof(igtk->pn),
+-				   igtk->igtk, len) < 0) {
+-			wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
+-				"WPA: Failed to configure IGTK to the driver");
++		if (wpa_supplicant_install_igtk(sm, igtk) < 0)
+ 			return -1;
+-		}
+ 	}
+ 
+ 	return 0;
+@@ -2307,7 +2345,7 @@ void wpa_sm_deinit(struct wpa_sm *sm)
+  */
+ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
+ {
+-	int clear_ptk = 1;
++	int clear_keys = 1;
+ 
+ 	if (sm == NULL)
+ 		return;
+@@ -2333,11 +2371,11 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
+ 		/* Prepare for the next transition */
+ 		wpa_ft_prepare_auth_request(sm, NULL);
+ 
+-		clear_ptk = 0;
++		clear_keys = 0;
+ 	}
+ #endif /* CONFIG_IEEE80211R */
+ 
+-	if (clear_ptk) {
++	if (clear_keys) {
+ 		/*
+ 		 * IEEE 802.11, 8.4.10: Delete PTK SA on (re)association if
+ 		 * this is not part of a Fast BSS Transition.
+@@ -2347,6 +2385,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
+ 		os_memset(&sm->ptk, 0, sizeof(sm->ptk));
+ 		sm->tptk_set = 0;
+ 		os_memset(&sm->tptk, 0, sizeof(sm->tptk));
++		os_memset(&sm->gtk, 0, sizeof(sm->gtk));
++#ifdef CONFIG_IEEE80211W
++		os_memset(&sm->igtk, 0, sizeof(sm->igtk));
++#endif /* CONFIG_IEEE80211W */
+ 	}
+ 
+ #ifdef CONFIG_TDLS
+@@ -2877,6 +2919,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
+ 	os_memset(sm->pmk, 0, sizeof(sm->pmk));
+ 	os_memset(&sm->ptk, 0, sizeof(sm->ptk));
+ 	os_memset(&sm->tptk, 0, sizeof(sm->tptk));
++	os_memset(&sm->gtk, 0, sizeof(sm->gtk));
++#ifdef CONFIG_IEEE80211W
++	os_memset(&sm->igtk, 0, sizeof(sm->igtk));
++#endif /* CONFIG_IEEE80211W */
+ #ifdef CONFIG_IEEE80211R
+ 	os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
+ 	os_memset(sm->pmk_r0, 0, sizeof(sm->pmk_r0));
+@@ -2949,29 +2995,11 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
+ 		os_memset(&gd, 0, sizeof(gd));
+ #ifdef CONFIG_IEEE80211W
+ 	} else if (subelem_id == WNM_SLEEP_SUBELEM_IGTK) {
+-		struct wpa_igtk_kde igd;
+-		u16 keyidx;
+-
+-		os_memset(&igd, 0, sizeof(igd));
+-		keylen = wpa_cipher_key_len(sm->mgmt_group_cipher);
+-		os_memcpy(igd.keyid, buf + 2, 2);
+-		os_memcpy(igd.pn, buf + 4, 6);
+-
+-		keyidx = WPA_GET_LE16(igd.keyid);
+-		os_memcpy(igd.igtk, buf + 10, keylen);
+-
+-		wpa_hexdump_key(MSG_DEBUG, "Install IGTK (WNM SLEEP)",
+-				igd.igtk, keylen);
+-		if (wpa_sm_set_key(sm, wpa_cipher_to_alg(sm->mgmt_group_cipher),
+-				   broadcast_ether_addr,
+-				   keyidx, 0, igd.pn, sizeof(igd.pn),
+-				   igd.igtk, keylen) < 0) {
+-			wpa_printf(MSG_DEBUG, "Failed to install the IGTK in "
+-				   "WNM mode");
+-			os_memset(&igd, 0, sizeof(igd));
++		const struct wpa_igtk_kde *igtk;
++
++		igtk = (const struct wpa_igtk_kde *) (buf + 2);
++		if (wpa_supplicant_install_igtk(sm, igtk) < 0)
+ 			return -1;
+-		}
+-		os_memset(&igd, 0, sizeof(igd));
+ #endif /* CONFIG_IEEE80211W */
+ 	} else {
+ 		wpa_printf(MSG_DEBUG, "Unknown element id");
+diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
+index f653ba6..afc9e37 100644
+--- a/src/rsn_supp/wpa_i.h
++++ b/src/rsn_supp/wpa_i.h
+@@ -31,6 +31,10 @@ struct wpa_sm {
+ 	u8 rx_replay_counter[WPA_REPLAY_COUNTER_LEN];
+ 	int rx_replay_counter_set;
+ 	u8 request_counter[WPA_REPLAY_COUNTER_LEN];
++	struct wpa_gtk gtk;
++#ifdef CONFIG_IEEE80211W
++	struct wpa_igtk igtk;
++#endif /* CONFIG_IEEE80211W */
+ 
+ 	struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
+ 
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
new file mode 100644
index 000000000..e2937b851
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
@@ -0,0 +1,184 @@
+From 8280294e74846ea342389a0cd17215050fa5afe8 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sun, 1 Oct 2017 12:12:24 +0300
+Subject: [PATCH 3/8] Extend protection of GTK/IGTK reinstallation of WNM-Sleep
+ Mode cases
+
+This extends the protection to track last configured GTK/IGTK value
+separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
+corner case where these two different mechanisms may get used when the
+GTK/IGTK has changed and tracking a single value is not sufficient to
+detect a possible key reconfiguration.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/rsn_supp/wpa.c   | 53 +++++++++++++++++++++++++++++++++++++---------------
+ src/rsn_supp/wpa_i.h |  2 ++
+ 2 files changed, 40 insertions(+), 15 deletions(-)
+
+diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
+index 95bd7be..7a2c68d 100644
+--- a/src/rsn_supp/wpa.c
++++ b/src/rsn_supp/wpa.c
+@@ -709,14 +709,17 @@ struct wpa_gtk_data {
+ 
+ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
+ 				      const struct wpa_gtk_data *gd,
+-				      const u8 *key_rsc)
++				      const u8 *key_rsc, int wnm_sleep)
+ {
+ 	const u8 *_gtk = gd->gtk;
+ 	u8 gtk_buf[32];
+ 
+ 	/* Detect possible key reinstallation */
+-	if (sm->gtk.gtk_len == (size_t) gd->gtk_len &&
+-	    os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) {
++	if ((sm->gtk.gtk_len == (size_t) gd->gtk_len &&
++	     os_memcmp(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len) == 0) ||
++	    (sm->gtk_wnm_sleep.gtk_len == (size_t) gd->gtk_len &&
++	     os_memcmp(sm->gtk_wnm_sleep.gtk, gd->gtk,
++		       sm->gtk_wnm_sleep.gtk_len) == 0)) {
+ 		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ 			"WPA: Not reinstalling already in-use GTK to the driver (keyidx=%d tx=%d len=%d)",
+ 			gd->keyidx, gd->tx, gd->gtk_len);
+@@ -757,8 +760,14 @@ static int wpa_supplicant_install_gtk(struct wpa_sm *sm,
+ 	}
+ 	os_memset(gtk_buf, 0, sizeof(gtk_buf));
+ 
+-	sm->gtk.gtk_len = gd->gtk_len;
+-	os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
++	if (wnm_sleep) {
++		sm->gtk_wnm_sleep.gtk_len = gd->gtk_len;
++		os_memcpy(sm->gtk_wnm_sleep.gtk, gd->gtk,
++			  sm->gtk_wnm_sleep.gtk_len);
++	} else {
++		sm->gtk.gtk_len = gd->gtk_len;
++		os_memcpy(sm->gtk.gtk, gd->gtk, sm->gtk.gtk_len);
++	}
+ 
+ 	return 0;
+ }
+@@ -852,7 +861,7 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
+ 	    (wpa_supplicant_check_group_cipher(sm, sm->group_cipher,
+ 					       gtk_len, gtk_len,
+ 					       &gd.key_rsc_len, &gd.alg) ||
+-	     wpa_supplicant_install_gtk(sm, &gd, key_rsc))) {
++	     wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0))) {
+ 		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ 			"RSN: Failed to install GTK");
+ 		os_memset(&gd, 0, sizeof(gd));
+@@ -868,14 +877,18 @@ static int wpa_supplicant_pairwise_gtk(struct wpa_sm *sm,
+ 
+ #ifdef CONFIG_IEEE80211W
+ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+-				       const struct wpa_igtk_kde *igtk)
++				       const struct wpa_igtk_kde *igtk,
++				       int wnm_sleep)
+ {
+ 	size_t len = wpa_cipher_key_len(sm->mgmt_group_cipher);
+ 	u16 keyidx = WPA_GET_LE16(igtk->keyid);
+ 
+ 	/* Detect possible key reinstallation */
+-	if (sm->igtk.igtk_len == len &&
+-	    os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) {
++	if ((sm->igtk.igtk_len == len &&
++	     os_memcmp(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len) == 0) ||
++	    (sm->igtk_wnm_sleep.igtk_len == len &&
++	     os_memcmp(sm->igtk_wnm_sleep.igtk, igtk->igtk,
++		       sm->igtk_wnm_sleep.igtk_len) == 0)) {
+ 		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ 			"WPA: Not reinstalling already in-use IGTK to the driver (keyidx=%d)",
+ 			keyidx);
+@@ -900,8 +913,14 @@ static int wpa_supplicant_install_igtk(struct wpa_sm *sm,
+ 		return -1;
+ 	}
+ 
+-	sm->igtk.igtk_len = len;
+-	os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
++	if (wnm_sleep) {
++		sm->igtk_wnm_sleep.igtk_len = len;
++		os_memcpy(sm->igtk_wnm_sleep.igtk, igtk->igtk,
++			  sm->igtk_wnm_sleep.igtk_len);
++	} else {
++		sm->igtk.igtk_len = len;
++		os_memcpy(sm->igtk.igtk, igtk->igtk, sm->igtk.igtk_len);
++	}
+ 
+ 	return 0;
+ }
+@@ -924,7 +943,7 @@ static int ieee80211w_set_keys(struct wpa_sm *sm,
+ 			return -1;
+ 
+ 		igtk = (const struct wpa_igtk_kde *) ie->igtk;
+-		if (wpa_supplicant_install_igtk(sm, igtk) < 0)
++		if (wpa_supplicant_install_igtk(sm, igtk, 0) < 0)
+ 			return -1;
+ 	}
+ 
+@@ -1574,7 +1593,7 @@ static void wpa_supplicant_process_1_of_2(struct wpa_sm *sm,
+ 	if (wpa_supplicant_rsc_relaxation(sm, key->key_rsc))
+ 		key_rsc = null_rsc;
+ 
+-	if (wpa_supplicant_install_gtk(sm, &gd, key_rsc) ||
++	if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 0) ||
+ 	    wpa_supplicant_send_2_of_2(sm, key, ver, key_info) < 0)
+ 		goto failed;
+ 	os_memset(&gd, 0, sizeof(gd));
+@@ -2386,8 +2405,10 @@ void wpa_sm_notify_assoc(struct wpa_sm *sm, const u8 *bssid)
+ 		sm->tptk_set = 0;
+ 		os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ 		os_memset(&sm->gtk, 0, sizeof(sm->gtk));
++		os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
+ #ifdef CONFIG_IEEE80211W
+ 		os_memset(&sm->igtk, 0, sizeof(sm->igtk));
++		os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
+ #endif /* CONFIG_IEEE80211W */
+ 	}
+ 
+@@ -2920,8 +2941,10 @@ void wpa_sm_drop_sa(struct wpa_sm *sm)
+ 	os_memset(&sm->ptk, 0, sizeof(sm->ptk));
+ 	os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ 	os_memset(&sm->gtk, 0, sizeof(sm->gtk));
++	os_memset(&sm->gtk_wnm_sleep, 0, sizeof(sm->gtk_wnm_sleep));
+ #ifdef CONFIG_IEEE80211W
+ 	os_memset(&sm->igtk, 0, sizeof(sm->igtk));
++	os_memset(&sm->igtk_wnm_sleep, 0, sizeof(sm->igtk_wnm_sleep));
+ #endif /* CONFIG_IEEE80211W */
+ #ifdef CONFIG_IEEE80211R
+ 	os_memset(sm->xxkey, 0, sizeof(sm->xxkey));
+@@ -2986,7 +3009,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
+ 
+ 		wpa_hexdump_key(MSG_DEBUG, "Install GTK (WNM SLEEP)",
+ 				gd.gtk, gd.gtk_len);
+-		if (wpa_supplicant_install_gtk(sm, &gd, key_rsc)) {
++		if (wpa_supplicant_install_gtk(sm, &gd, key_rsc, 1)) {
+ 			os_memset(&gd, 0, sizeof(gd));
+ 			wpa_printf(MSG_DEBUG, "Failed to install the GTK in "
+ 				   "WNM mode");
+@@ -2998,7 +3021,7 @@ int wpa_wnmsleep_install_key(struct wpa_sm *sm, u8 subelem_id, u8 *buf)
+ 		const struct wpa_igtk_kde *igtk;
+ 
+ 		igtk = (const struct wpa_igtk_kde *) (buf + 2);
+-		if (wpa_supplicant_install_igtk(sm, igtk) < 0)
++		if (wpa_supplicant_install_igtk(sm, igtk, 1) < 0)
+ 			return -1;
+ #endif /* CONFIG_IEEE80211W */
+ 	} else {
+diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
+index afc9e37..9a54631 100644
+--- a/src/rsn_supp/wpa_i.h
++++ b/src/rsn_supp/wpa_i.h
+@@ -32,8 +32,10 @@ struct wpa_sm {
+ 	int rx_replay_counter_set;
+ 	u8 request_counter[WPA_REPLAY_COUNTER_LEN];
+ 	struct wpa_gtk gtk;
++	struct wpa_gtk gtk_wnm_sleep;
+ #ifdef CONFIG_IEEE80211W
+ 	struct wpa_igtk igtk;
++	struct wpa_igtk igtk_wnm_sleep;
+ #endif /* CONFIG_IEEE80211W */
+ 
+ 	struct eapol_sm *eapol; /* EAPOL state machine from upper level code */
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
new file mode 100644
index 000000000..22ee21794
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch
@@ -0,0 +1,79 @@
+From 8f82bc94e8697a9d47fa8774dfdaaede1084912c Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
+Date: Fri, 29 Sep 2017 04:22:51 +0200
+Subject: [PATCH 4/8] Prevent installation of an all-zero TK
+
+Properly track whether a PTK has already been installed to the driver
+and the TK part cleared from memory. This prevents an attacker from
+trying to trick the client into installing an all-zero TK.
+
+This fixes the earlier fix in commit
+ad00d64e7d8827b3cebd665a0ceb08adabf15e1e ('Fix TK configuration to the
+driver in EAPOL-Key 3/4 retry case') which did not take into account
+possibility of an extra message 1/4 showing up between retries of
+message 3/4.
+
+Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
+---
+ src/common/wpa_common.h | 1 +
+ src/rsn_supp/wpa.c      | 5 ++---
+ src/rsn_supp/wpa_i.h    | 1 -
+ 3 files changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/src/common/wpa_common.h b/src/common/wpa_common.h
+index d200285..1021ccb 100644
+--- a/src/common/wpa_common.h
++++ b/src/common/wpa_common.h
+@@ -215,6 +215,7 @@ struct wpa_ptk {
+ 	size_t kck_len;
+ 	size_t kek_len;
+ 	size_t tk_len;
++	int installed; /* 1 if key has already been installed to driver */
+ };
+ 
+ struct wpa_gtk {
+diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
+index 7a2c68d..0550a41 100644
+--- a/src/rsn_supp/wpa.c
++++ b/src/rsn_supp/wpa.c
+@@ -510,7 +510,6 @@ static void wpa_supplicant_process_1_of_4(struct wpa_sm *sm,
+ 		os_memset(buf, 0, sizeof(buf));
+ 	}
+ 	sm->tptk_set = 1;
+-	sm->tk_to_set = 1;
+ 
+ 	kde = sm->assoc_wpa_ie;
+ 	kde_len = sm->assoc_wpa_ie_len;
+@@ -615,7 +614,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
+ 	enum wpa_alg alg;
+ 	const u8 *key_rsc;
+ 
+-	if (!sm->tk_to_set) {
++	if (sm->ptk.installed) {
+ 		wpa_dbg(sm->ctx->msg_ctx, MSG_DEBUG,
+ 			"WPA: Do not re-install same PTK to the driver");
+ 		return 0;
+@@ -659,7 +658,7 @@ static int wpa_supplicant_install_ptk(struct wpa_sm *sm,
+ 
+ 	/* TK is not needed anymore in supplicant */
+ 	os_memset(sm->ptk.tk, 0, WPA_TK_MAX_LEN);
+-	sm->tk_to_set = 0;
++	sm->ptk.installed = 1;
+ 
+ 	if (sm->wpa_ptk_rekey) {
+ 		eloop_cancel_timeout(wpa_sm_rekey_ptk, sm, NULL);
+diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
+index 9a54631..41f371f 100644
+--- a/src/rsn_supp/wpa_i.h
++++ b/src/rsn_supp/wpa_i.h
+@@ -24,7 +24,6 @@ struct wpa_sm {
+ 	struct wpa_ptk ptk, tptk;
+ 	int ptk_set, tptk_set;
+ 	unsigned int msg_3_of_4_ok:1;
+-	unsigned int tk_to_set:1;
+ 	u8 snonce[WPA_NONCE_LEN];
+ 	u8 anonce[WPA_NONCE_LEN]; /* ANonce from the last 1/4 msg */
+ 	int renew_snonce;
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
new file mode 100644
index 000000000..c19c4c710
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
@@ -0,0 +1,64 @@
+From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sun, 1 Oct 2017 12:32:57 +0300
+Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
+
+The Authenticator state machine path for PTK rekeying ended up bypassing
+the AUTHENTICATION2 state where a new ANonce is generated when going
+directly to the PTKSTART state since there is no need to try to
+determine the PMK again in such a case. This is far from ideal since the
+new PTK would depend on a new nonce only from the supplicant.
+
+Fix this by generating a new ANonce when moving to the PTKSTART state
+for the purpose of starting new 4-way handshake to rekey PTK.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
+ 1 file changed, 21 insertions(+), 3 deletions(-)
+
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 707971d..bf10cc1 100644
+--- a/src/ap/wpa_auth.c
++++ b/src/ap/wpa_auth.c
+@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
+ }
+ 
+ 
++static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
++{
++	if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
++		wpa_printf(MSG_ERROR,
++			   "WPA: Failed to get random data for ANonce");
++		sm->Disconnect = TRUE;
++		return -1;
++	}
++	wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
++		    WPA_NONCE_LEN);
++	sm->TimeoutCtr = 0;
++	return 0;
++}
++
++
+ SM_STATE(WPA_PTK, INITPMK)
+ {
+ 	u8 msk[2 * PMK_LEN];
+@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
+ 		SM_ENTER(WPA_PTK, AUTHENTICATION);
+ 	else if (sm->ReAuthenticationRequest)
+ 		SM_ENTER(WPA_PTK, AUTHENTICATION2);
+-	else if (sm->PTKRequest)
+-		SM_ENTER(WPA_PTK, PTKSTART);
+-	else switch (sm->wpa_ptk_state) {
++	else if (sm->PTKRequest) {
++		if (wpa_auth_sm_ptk_update(sm) < 0)
++			SM_ENTER(WPA_PTK, DISCONNECTED);
++		else
++			SM_ENTER(WPA_PTK, PTKSTART);
++	} else switch (sm->wpa_ptk_state) {
+ 	case WPA_PTK_INITIALIZE:
+ 		break;
+ 	case WPA_PTK_DISCONNECT:
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
new file mode 100644
index 000000000..e1bd5a572
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch
@@ -0,0 +1,132 @@
+From 6c4bed4f47d1960ec04981a9d50e5076aea5223d Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Fri, 22 Sep 2017 11:03:15 +0300
+Subject: [PATCH 6/8] TDLS: Reject TPK-TK reconfiguration
+
+Do not try to reconfigure the same TPK-TK to the driver after it has
+been successfully configured. This is an explicit check to avoid issues
+related to resetting the TX/RX packet number. There was already a check
+for this for TPK M2 (retries of that message are ignored completely), so
+that behavior does not get modified.
+
+For TPK M3, the TPK-TK could have been reconfigured, but that was
+followed by immediate teardown of the link due to an issue in updating
+the STA entry. Furthermore, for TDLS with any real security (i.e.,
+ignoring open/WEP), the TPK message exchange is protected on the AP path
+and simple replay attacks are not feasible.
+
+As an additional corner case, make sure the local nonce gets updated if
+the peer uses a very unlikely "random nonce" of all zeros.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/rsn_supp/tdls.c | 38 ++++++++++++++++++++++++++++++++++++--
+ 1 file changed, 36 insertions(+), 2 deletions(-)
+
+diff --git a/src/rsn_supp/tdls.c b/src/rsn_supp/tdls.c
+index e424168..9eb9738 100644
+--- a/src/rsn_supp/tdls.c
++++ b/src/rsn_supp/tdls.c
+@@ -112,6 +112,7 @@ struct wpa_tdls_peer {
+ 		u8 tk[16]; /* TPK-TK; assuming only CCMP will be used */
+ 	} tpk;
+ 	int tpk_set;
++	int tk_set; /* TPK-TK configured to the driver */
+ 	int tpk_success;
+ 	int tpk_in_progress;
+ 
+@@ -192,6 +193,20 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
+ 	u8 rsc[6];
+ 	enum wpa_alg alg;
+ 
++	if (peer->tk_set) {
++		/*
++		 * This same TPK-TK has already been configured to the driver
++		 * and this new configuration attempt (likely due to an
++		 * unexpected retransmitted frame) would result in clearing
++		 * the TX/RX sequence number which can break security, so must
++		 * not allow that to happen.
++		 */
++		wpa_printf(MSG_INFO, "TDLS: TPK-TK for the peer " MACSTR
++			   " has already been configured to the driver - do not reconfigure",
++			   MAC2STR(peer->addr));
++		return -1;
++	}
++
+ 	os_memset(rsc, 0, 6);
+ 
+ 	switch (peer->cipher) {
+@@ -209,12 +224,15 @@ static int wpa_tdls_set_key(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
+ 		return -1;
+ 	}
+ 
++	wpa_printf(MSG_DEBUG, "TDLS: Configure pairwise key for peer " MACSTR,
++		   MAC2STR(peer->addr));
+ 	if (wpa_sm_set_key(sm, alg, peer->addr, -1, 1,
+ 			   rsc, sizeof(rsc), peer->tpk.tk, key_len) < 0) {
+ 		wpa_printf(MSG_WARNING, "TDLS: Failed to set TPK to the "
+ 			   "driver");
+ 		return -1;
+ 	}
++	peer->tk_set = 1;
+ 	return 0;
+ }
+ 
+@@ -696,7 +714,7 @@ static void wpa_tdls_peer_clear(struct wpa_sm *sm, struct wpa_tdls_peer *peer)
+ 	peer->cipher = 0;
+ 	peer->qos_info = 0;
+ 	peer->wmm_capable = 0;
+-	peer->tpk_set = peer->tpk_success = 0;
++	peer->tk_set = peer->tpk_set = peer->tpk_success = 0;
+ 	peer->chan_switch_enabled = 0;
+ 	os_memset(&peer->tpk, 0, sizeof(peer->tpk));
+ 	os_memset(peer->inonce, 0, WPA_NONCE_LEN);
+@@ -1159,6 +1177,7 @@ skip_rsnie:
+ 		wpa_tdls_peer_free(sm, peer);
+ 		return -1;
+ 	}
++	peer->tk_set = 0; /* A new nonce results in a new TK */
+ 	wpa_hexdump(MSG_DEBUG, "TDLS: Initiator Nonce for TPK handshake",
+ 		    peer->inonce, WPA_NONCE_LEN);
+ 	os_memcpy(ftie->Snonce, peer->inonce, WPA_NONCE_LEN);
+@@ -1751,6 +1770,19 @@ static int wpa_tdls_addset_peer(struct wpa_sm *sm, struct wpa_tdls_peer *peer,
+ }
+ 
+ 
++static int tdls_nonce_set(const u8 *nonce)
++{
++	int i;
++
++	for (i = 0; i < WPA_NONCE_LEN; i++) {
++		if (nonce[i])
++			return 1;
++	}
++
++	return 0;
++}
++
++
+ static int wpa_tdls_process_tpk_m1(struct wpa_sm *sm, const u8 *src_addr,
+ 				   const u8 *buf, size_t len)
+ {
+@@ -2004,7 +2036,8 @@ skip_rsn:
+ 	peer->rsnie_i_len = kde.rsn_ie_len;
+ 	peer->cipher = cipher;
+ 
+-	if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0) {
++	if (os_memcmp(peer->inonce, ftie->Snonce, WPA_NONCE_LEN) != 0 ||
++	    !tdls_nonce_set(peer->inonce)) {
+ 		/*
+ 		 * There is no point in updating the RNonce for every obtained
+ 		 * TPK M1 frame (e.g., retransmission due to timeout) with the
+@@ -2020,6 +2053,7 @@ skip_rsn:
+ 				"TDLS: Failed to get random data for responder nonce");
+ 			goto error;
+ 		}
++		peer->tk_set = 0; /* A new nonce results in a new TK */
+ 	}
+ 
+ #if 0
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
new file mode 100644
index 000000000..85ea1d62b
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
@@ -0,0 +1,43 @@
+From 53c5eb58e95004f86e65ee9fbfccbc291b139057 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Fri, 22 Sep 2017 11:25:02 +0300
+Subject: [PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending
+ request
+
+Commit 03ed0a52393710be6bdae657d1b36efa146520e5 ('WNM: Ignore WNM-Sleep
+Mode Response if WNM-Sleep Mode has not been used') started ignoring the
+response when no WNM-Sleep Mode Request had been used during the
+association. This can be made tighter by clearing the used flag when
+successfully processing a response. This adds an additional layer of
+protection against unexpected retransmissions of the response frame.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ wpa_supplicant/wnm_sta.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/wpa_supplicant/wnm_sta.c b/wpa_supplicant/wnm_sta.c
+index 1b3409c..67a07ff 100644
+--- a/wpa_supplicant/wnm_sta.c
++++ b/wpa_supplicant/wnm_sta.c
+@@ -260,7 +260,7 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
+ 
+ 	if (!wpa_s->wnmsleep_used) {
+ 		wpa_printf(MSG_DEBUG,
+-			   "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode has not been used in this association");
++			   "WNM: Ignore WNM-Sleep Mode Response frame since WNM-Sleep Mode operation has not been requested");
+ 		return;
+ 	}
+ 
+@@ -299,6 +299,8 @@ static void ieee802_11_rx_wnmsleep_resp(struct wpa_supplicant *wpa_s,
+ 		return;
+ 	}
+ 
++	wpa_s->wnmsleep_used = 0;
++
+ 	if (wnmsleep_ie->status == WNM_STATUS_SLEEP_ACCEPT ||
+ 	    wnmsleep_ie->status == WNM_STATUS_SLEEP_EXIT_ACCEPT_GTK_UPDATE) {
+ 		wpa_printf(MSG_DEBUG, "Successfully recv WNM-Sleep Response "
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
new file mode 100644
index 000000000..b9678f681
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
@@ -0,0 +1,82 @@
+From b372ab0b7daea719749194dc554b26e6367603f2 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Fri, 22 Sep 2017 12:06:37 +0300
+Subject: [PATCH 8/8] FT: Do not allow multiple Reassociation Response frames
+
+The driver is expected to not report a second association event without
+the station having explicitly request a new association. As such, this
+case should not be reachable. However, since reconfiguring the same
+pairwise or group keys to the driver could result in nonce reuse issues,
+be extra careful here and do an additional state check to avoid this
+even if the local driver ends up somehow accepting an unexpected
+Reassociation Response frame.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/rsn_supp/wpa.c    | 3 +++
+ src/rsn_supp/wpa_ft.c | 8 ++++++++
+ src/rsn_supp/wpa_i.h  | 1 +
+ 3 files changed, 12 insertions(+)
+
+diff --git a/src/rsn_supp/wpa.c b/src/rsn_supp/wpa.c
+index 0550a41..2a53c6f 100644
+--- a/src/rsn_supp/wpa.c
++++ b/src/rsn_supp/wpa.c
+@@ -2440,6 +2440,9 @@ void wpa_sm_notify_disassoc(struct wpa_sm *sm)
+ #ifdef CONFIG_TDLS
+ 	wpa_tdls_disassoc(sm);
+ #endif /* CONFIG_TDLS */
++#ifdef CONFIG_IEEE80211R
++	sm->ft_reassoc_completed = 0;
++#endif /* CONFIG_IEEE80211R */
+ 
+ 	/* Keys are not needed in the WPA state machine anymore */
+ 	wpa_sm_drop_sa(sm);
+diff --git a/src/rsn_supp/wpa_ft.c b/src/rsn_supp/wpa_ft.c
+index 205793e..d45bb45 100644
+--- a/src/rsn_supp/wpa_ft.c
++++ b/src/rsn_supp/wpa_ft.c
+@@ -153,6 +153,7 @@ static u8 * wpa_ft_gen_req_ies(struct wpa_sm *sm, size_t *len,
+ 	u16 capab;
+ 
+ 	sm->ft_completed = 0;
++	sm->ft_reassoc_completed = 0;
+ 
+ 	buf_len = 2 + sizeof(struct rsn_mdie) + 2 + sizeof(struct rsn_ftie) +
+ 		2 + sm->r0kh_id_len + ric_ies_len + 100;
+@@ -681,6 +682,11 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
+ 		return -1;
+ 	}
+ 
++	if (sm->ft_reassoc_completed) {
++		wpa_printf(MSG_DEBUG, "FT: Reassociation has already been completed for this FT protocol instance - ignore unexpected retransmission");
++		return 0;
++	}
++
+ 	if (wpa_ft_parse_ies(ies, ies_len, &parse) < 0) {
+ 		wpa_printf(MSG_DEBUG, "FT: Failed to parse IEs");
+ 		return -1;
+@@ -781,6 +787,8 @@ int wpa_ft_validate_reassoc_resp(struct wpa_sm *sm, const u8 *ies,
+ 		return -1;
+ 	}
+ 
++	sm->ft_reassoc_completed = 1;
++
+ 	if (wpa_ft_process_gtk_subelem(sm, parse.gtk, parse.gtk_len) < 0)
+ 		return -1;
+ 
+diff --git a/src/rsn_supp/wpa_i.h b/src/rsn_supp/wpa_i.h
+index 41f371f..56f88dc 100644
+--- a/src/rsn_supp/wpa_i.h
++++ b/src/rsn_supp/wpa_i.h
+@@ -128,6 +128,7 @@ struct wpa_sm {
+ 	size_t r0kh_id_len;
+ 	u8 r1kh_id[FT_R1KH_ID_LEN];
+ 	int ft_completed;
++	int ft_reassoc_completed;
+ 	int over_the_ds_in_progress;
+ 	u8 target_ap[ETH_ALEN]; /* over-the-DS target AP */
+ 	int set_ptk_after_assoc;
+-- 
+2.7.4
+
diff --git a/source/n/wpa_supplicant/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt b/source/n/wpa_supplicant/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
new file mode 100644
index 000000000..5ccb5098c
--- /dev/null
+++ b/source/n/wpa_supplicant/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
@@ -0,0 +1,226 @@
+WPA packet number reuse with replayed messages and key reinstallation
+
+Published: October 16, 2017
+Identifiers:
+- CERT case ID: VU#228519
+- CVE-2017-13077
+- CVE-2017-13078
+- CVE-2017-13079
+- CVE-2017-13080
+- CVE-2017-13081
+- CVE-2017-13082
+- CVE-2017-13084 (not applicable)
+- CVE-2017-13086
+- CVE-2017-13087
+- CVE-2017-13088
+Latest version available from: https://w1.fi/security/2017-1/
+
+
+Vulnerability
+
+A vulnerability was found in how a number of implementations can be
+triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
+replaying a specific frame that is used to manage the keys. Such
+reinstallation of the encryption key can result in two different types
+of vulnerabilities: disabling replay protection and significantly
+reducing the security of encryption to the point of allowing frames to
+be decrypted or some parts of the keys to be determined by an attacker
+depending on which cipher is used.
+
+This document focuses on the cases that apply to systems using hostapd
+(AP) or wpa_supplicant (station), but it should be noted that the
+generic vulnerability itself is applicable to other implementations and
+may have different impact in other cases.
+
+This vulnerability can in theory apply to any case where a TK (the
+pairwise/unicast encryption key used with TKIP, CCMP, GCMP), a GTK
+(group/multicast encryption key), or an IGTK (group management frame
+integrity protection key) is configured by the Authentication/Supplicant
+component to the WLAN driver/firmware taking care of the TX/RX path and
+encryption/decryption of frames.
+
+If the same key is configured multiple times, it is likely that the
+transmit and receive packet numbers (PN, IPN, RSC/TSC, etc.) are cleared
+to a smaller value (zero in case of pairwise keys, zero or at least a
+smaller value than the last used value in case of group keys). When this
+happens with the same key, this breaks replay protection on RX side and
+can result in reuse of packet numbers on TX side. The former may allow
+replaying of previously delivered packets (without the attacker being
+able to decrypt them or modify their contents) while the latter may
+result in more severe issues on the TX side due to resulting CCM nonce
+replay and related issues with GCMP and TKIP. The TX side issue may make
+it significantly easier for the attacker to decrypt frames and determine
+some parts of the keys (e.g., a Michael MIC key in case of TKIP).
+
+Impact on AP/hostapd
+
+On the AP side, this generic issue has been determined to be applicable
+in the case where hostapd is used to operate an RSN/WPA2 network with FT
+(Fast BSS Transition from IEEE 802.11r) enabled. Replaying of the
+Reassociation Request frame can be used to get the AP reinstalling the
+TK which results in the AP accepting previously delivered unicast frames
+from the station and the AP reusing previously used packet numbers
+(local TX packet number gets reset to zero). This latter issue on the TX
+side can result in CCM nonce reuse which invalidates CCMP security
+properties. In case of TKIP this can result in the attacker being able
+to determine part of the TK more easily and with GCMP, result in similar
+issues.
+
+It should be noted that the AP side issue with FT would be close to
+applying to FILS authentication (from IEEE 802.11ai) in hostapd with
+replaying of (Re)Association Request frames. However, due to a different
+handling of the repeated association processing with FILS, this would
+actually result in the station getting immediately disconnected which
+prevents this attack in practice. In addition, the FILS implementation
+in the current hostapd version is still experimental and documented as
+being discouraged in production use cases.
+
+Another area of potentially reduced security was identified when looking
+into these issues. When AP/Authenticator implementation in hostapd is
+requested to rekey the PTK without performing EAP reauthentication
+(either through local periodic rekeying or due to a request from an
+association station), the ANonce value does not get updated. This
+results in the new 4-way handshake depending on the station/supplicant
+side generating a new, unique (for the current PMK/PSK) SNonce for the
+PTK derivation to result in a new key. While a properly working
+supplicant would do so, if there is a supplicant implementation that
+does not, this combination could result in deriving the same PTK
+again. When the TK from that PTK gets configured in the driver, this
+would result in reinstalling the same key and the same issues as
+described above for the FT protocol case.
+
+Impact on station/wpa_supplicant
+
+On the station side, this generic issue has been determined to be
+applicable in the cases where wpa_supplicant processes a group key (GTK
+or IGTK) update from the AP. An attacker that is able to limit access
+to frame delivery may be able to extract two update messages and deliver
+those to the station with significant time delay between them. When
+wpa_supplicant processes the second message, it may end up reinstalling
+the same key to the driver and when doing this, clear the RX packet
+number to an old value. This would allow the attacker to replay all
+group-addressed frames that the AP sent between the time the key update
+message was originally sent and the time when the attacker forwarded the
+second frame to the station. The attacker would not be able to decrypt
+or modify the frames based on this vulnerability, though. There is an
+exception to this with older wpa_supplicant versions as noted below in
+version specific notes.
+
+For the current wpa_supplicant version (v2.6), there is also an
+additional EAPOL-Key replay sequence where an additional forged
+EAPOL-Key message can be used to bypass the existing protection for the
+pairwise key reconfiguration in a manner that ends up configuring a
+known TK that an attacker could use to decrypt any frame sent by the
+station and to inject arbitrary unicast frames. Similar issues are
+reachable in older versions as noted below.
+
+PeerKey / TDLS PeerKey
+
+As far as the related CVE-2017-13084 (reinstallation of the STK key in
+the PeerKey handshake) is concerned, it should be noted that PeerKey
+implementation in wpa_supplicant is not fully functional and the actual
+installation of the key into the driver does not work. As such, this
+item is not applicable in practice. Furthermore, the PeerKey handshake
+for IEEE 802.11e DLS is obsolete and not known to have been deployed.
+
+As far as the TDLS PeerKey handshake is concerned (CVE-2017-13086),
+wpa_supplicant implementation is already rejecting TPK M2 retries, so
+the reconfiguration issue cannot apply for it. For TPK M3, there is a
+theoretical impact. However, if that frame is replayed, the current
+wpa_supplicant implementation ends up tearing down the TDLS link
+immediately and as such, there is no real window for performing the
+attack. Furthermore, TPK M3 goes through the AP path and if RSN is used
+there, that frame has replay protection, so the attacker could not
+perform the attack. If the AP path were to use WEP, the frame could be
+replayed, though. That said, if WEP is used on the AP path, it would be
+fair to assume that there is no security in the network, so a new attack
+vector would be of small additional value.
+
+With older wpa_supplicant versions, it may be possible for an attacker
+to cause TPK M2 to be retransmitted with delay that would be able to
+trigger reinstallation of TK on the peer receiving TPK M2
+(CVE-2017-13086). This may open a short window for the attack with v2.3,
+v2.4, and v2.5; and a longer window with older versions.
+
+Vulnerable versions/configurations
+
+For the AP/Authenticator TK (unicast) reinstallation in FT protocol
+(CVE-2017-13082):
+
+hostapd v0.7.2 and newer with FT enabled (i.e., practically all versions
+that include full FT implementation). FT needs to be enabled in the
+runtime configuration to make this applicable.
+
+For the AP/Authenticator missing ANonce during PTK rekeying:
+
+All hostapd versions.
+
+For the station/Supplicant side GTK/IGTK reinstallation and TK
+configuration:
+
+All wpa_supplicant versions. The impact on older versions can be more
+severe due to earlier changes in this area: v2.3 and older can also
+reinstall the pairwise key and as such have similar impact as the AP FT
+case (CVE-2017-13077); v2.4 and v2.5 end up configuring an all-zero TK
+which breaks the normal data path, but could allow an attacker to
+decrypt all following frames from the station and to inject arbitrary
+frames to the station. In addition, a different message sequence
+involving 4-way handshake can result in configuration of an all-zero TK
+in v2.6 and the current snapshot of the development repository as of the
+publication of this advisory.
+
+
+Acknowledgments
+
+Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
+Leuven for discovering and reporting this issue. Thanks to John A. Van
+Boxtel for finding additional issues related to this topic.
+
+
+Possible mitigation steps
+
+- For AP/hostapd and FT replay issue (CVE-2017-13082), it is possible to
+  prevent the issue temporarily by disabling FT in runtime
+  configuration, if needed before being able to update the
+  implementations.
+
+- Merge the following commits to hostapd/wpa_supplicant and rebuild them:
+
+  hostapd and replayed FT reassociation request frame (CVE-2017-13082):
+  hostapd: Avoid key reinstallation in FT handshake
+
+  hostapd PTK rekeying and ANonce update:
+  Fix PTK rekeying to generate a new ANonce
+
+  wpa_supplicant and GTK/IGTK rekeying (CVE-2017-13078, CVE-2017-13079,
+  CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088):
+  Prevent reinstallation of an already in-use group key
+  Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
+
+  wpa_supplicant (v2.6 or newer snapshot) and known TK issue:
+  Prevent installation of an all-zero TK
+
+  Additional protection steps for wpa_supplicant:
+  TDLS: Reject TPK-TK reconfiguration
+  WNM: Ignore WNM-Sleep Mode Response without pending request
+  FT: Do not allow multiple Reassociation Response frames
+
+  These patches are available from https://w1.fi/security/2017-1/
+  (both against the snapshot of hostap.git master branch and rebased on
+  top of the v2.6 release)
+
+  For the TDLS TPK M2 retransmission issue (CVE-2017-13086) with older
+  wpa_supplicant versions, consider updating to the latest version or
+  merge in a commit that is present in v2.6:
+  https://w1.fi/cgit/hostap/commit/?id=dabdef9e048b17b22b1c025ad592922eab30dda8
+  ('TDLS: Ignore incoming TDLS Setup Response retries')
+
+- Update to hostapd/wpa_supplicant v2.7 or newer, once available
+  * it should be noted that there are number of additional changes in
+    the related areas of the implementation to provide extra layer of
+    protection for potential unknown issues; these changes are not
+    included in this advisory as they have not been identified to be
+    critical for preventing any of the identified security
+    vulnerabilities; however, users of hostapd/wpa_supplicant are
+    encouraged to consider merging such changes even if not fully
+    moving to v2.7
diff --git a/source/n/wpa_supplicant/config/dot.config b/source/n/wpa_supplicant/config/dot.config
index 45593ac6f..1c7f67df4 100644
--- a/source/n/wpa_supplicant/config/dot.config
+++ b/source/n/wpa_supplicant/config/dot.config
@@ -6,6 +6,7 @@ CONFIG_CTRL_IFACE_DBUS=y
 CONFIG_CTRL_IFACE_DBUS_INTRO=y
 CONFIG_CTRL_IFACE_DBUS_NEW=y
 CONFIG_DEBUG_FILE=y
+CONFIG_DEBUG_SYSLOG=y
 CONFIG_DRIVER_NL80211=y
 CONFIG_DRIVER_WEXT=y
 CONFIG_DRIVER_WIRED=y
@@ -26,6 +27,9 @@ CONFIG_EAP_TLS=y
 CONFIG_EAP_TNC=y
 CONFIG_EAP_TTLS=y
 CONFIG_IBSS_RSN=y
+CONFIG_IEEE80211N=y
+CONFIG_IEEE80211R=y
+CONFIG_IEEE80211W=y
 CONFIG_IEEE8021X_EAPOL=y
 CONFIG_LIBNL32=y
 CONFIG_P2P=y
@@ -33,5 +37,8 @@ CONFIG_PEERKEY=y
 CONFIG_PKCS12=y
 CONFIG_READLINE=y
 CONFIG_SMARTCARD=y
+CONFIG_TLS_DEFAULT_CIPHERS="PROFILE=SYSTEM:3DES"
+CONFIG_WIFI_DISPLAY=y
 CONFIG_WPS=y
-
+#CONFIG_MACSEC=y
+#CONFIG_DRIVER_MACSEC_LINUX=y
diff --git a/source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch b/source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch
new file mode 100644
index 000000000..bee574a5c
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/Fix-openssl-1-1-private-key-callback.patch
@@ -0,0 +1,127 @@
+From 25b37c54a47e49d591f5752bbf0f510480402cae Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Sun, 9 Jul 2017 11:14:10 +0200
+Subject: [PATCH 1/2] OpenSSL: Fix private key password handling with OpenSSL
+ >= 1.1.0f
+
+Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the
+callback from the SSL object instead of the one from the CTX, so let's
+set the callback on both SSL and CTX. Note that
+SSL_set_default_passwd_cb*() is available only in 1.1.0.
+
+Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
+(cherry picked from commit f665c93e1d28fbab3d9127a8c3985cc32940824f)
+---
+ src/crypto/tls_openssl.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
+index c4170b6..bceb8c3 100644
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -2779,6 +2779,15 @@ static int tls_connection_private_key(struct tls_data *data,
+ 	} else
+ 		passwd = NULL;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++	/*
++	 * In OpenSSL >= 1.1.0f SSL_use_PrivateKey_file() uses the callback
++	 * from the SSL object. See OpenSSL commit d61461a75253.
++	 */
++	SSL_set_default_passwd_cb(conn->ssl, tls_passwd_cb);
++	SSL_set_default_passwd_cb_userdata(conn->ssl, passwd);
++#endif /* >= 1.1.0f && !LibreSSL */
++	/* Keep these for OpenSSL < 1.1.0f */
+ 	SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
+ 	SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
+ 
+@@ -2869,6 +2878,9 @@ static int tls_connection_private_key(struct tls_data *data,
+ 		return -1;
+ 	}
+ 	ERR_clear_error();
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++	SSL_set_default_passwd_cb(conn->ssl, NULL);
++#endif /* >= 1.1.0f && !LibreSSL */
+ 	SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
+ 	os_free(passwd);
+ 
+-- 
+2.9.3
+
+From b2887d6964a406eb5f88f4ad4e9764c468954382 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Mon, 17 Jul 2017 12:06:17 +0300
+Subject: [PATCH 2/2] OpenSSL: Clear default_passwd_cb more thoroughly
+
+Previously, the pointer to strdup passwd was left in OpenSSL library
+default_passwd_cb_userdata and even the default_passwd_cb was left set
+on an error path. To avoid unexpected behavior if something were to
+manage to use there pointers, clear them explicitly once done with
+loading of the private key.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+(cherry picked from commit 89971d8b1e328a2f79699c953625d1671fd40384)
+---
+ src/crypto/tls_openssl.c | 22 +++++++++++++++++-----
+ 1 file changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
+index bceb8c3..770af9e 100644
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -2758,6 +2758,19 @@ static int tls_connection_engine_private_key(struct tls_connection *conn)
+ }
+ 
+ 
++static void tls_clear_default_passwd_cb(SSL_CTX *ssl_ctx, SSL *ssl)
++{
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++	if (ssl) {
++		SSL_set_default_passwd_cb(ssl, NULL);
++		SSL_set_default_passwd_cb_userdata(ssl, NULL);
++	}
++#endif /* >= 1.1.0f && !LibreSSL */
++	SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
++	SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, NULL);
++}
++
++
+ static int tls_connection_private_key(struct tls_data *data,
+ 				      struct tls_connection *conn,
+ 				      const char *private_key,
+@@ -2874,14 +2887,12 @@ static int tls_connection_private_key(struct tls_data *data,
+ 	if (!ok) {
+ 		tls_show_errors(MSG_INFO, __func__,
+ 				"Failed to load private key");
++		tls_clear_default_passwd_cb(ssl_ctx, conn->ssl);
+ 		os_free(passwd);
+ 		return -1;
+ 	}
+ 	ERR_clear_error();
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+-	SSL_set_default_passwd_cb(conn->ssl, NULL);
+-#endif /* >= 1.1.0f && !LibreSSL */
+-	SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
++	tls_clear_default_passwd_cb(ssl_ctx, conn->ssl);
+ 	os_free(passwd);
+ 
+ 	if (!SSL_check_private_key(conn->ssl)) {
+@@ -2924,13 +2935,14 @@ static int tls_global_private_key(struct tls_data *data,
+ 	    tls_read_pkcs12(data, NULL, private_key, passwd)) {
+ 		tls_show_errors(MSG_INFO, __func__,
+ 				"Failed to load private key");
++		tls_clear_default_passwd_cb(ssl_ctx, NULL);
+ 		os_free(passwd);
+ 		ERR_clear_error();
+ 		return -1;
+ 	}
++	tls_clear_default_passwd_cb(ssl_ctx, NULL);
+ 	os_free(passwd);
+ 	ERR_clear_error();
+-	SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
+ 
+ 	if (!SSL_CTX_check_private_key(ssl_ctx)) {
+ 		tls_show_errors(MSG_INFO, __func__,
+-- 
+2.9.3
+
diff --git a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff
index 533ad5cc0..7f85e8102 100644
--- a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff
+++ b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff
@@ -1,9 +1,9 @@
---- ./wpa_supplicant/events.c.orig	2014-10-09 09:41:31.000000000 -0500
-+++ ./wpa_supplicant/events.c	2014-12-04 13:09:49.477850355 -0600
-@@ -1330,11 +1330,11 @@
- 		wpa_s->own_scan_running, wpa_s->external_scan_running);
+--- ./wpa_supplicant/events.c.orig	2017-01-05 11:29:16.968898845 -0600
++++ ./wpa_supplicant/events.c	2017-01-05 11:31:13.515907254 -0600
+@@ -1555,11 +1555,11 @@
  	if (wpa_s->last_scan_req == MANUAL_SCAN_REQ &&
- 	    wpa_s->manual_scan_use_id && wpa_s->own_scan_running) {
+ 	    wpa_s->manual_scan_use_id && wpa_s->own_scan_running &&
+ 	    own_request && !(data && data->scan_info.external_scan)) {
 -		wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS "id=%u",
 +		wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS "id=%u",
  			     wpa_s->manual_scan_id);
diff --git a/source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch b/source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch
new file mode 100644
index 000000000..0c03e1dc4
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch
@@ -0,0 +1,99 @@
+From 290834df69556b903b49f2a45671cc62b44f13bb Mon Sep 17 00:00:00 2001
+From: Beniamino Galvani <bgalvani@redhat.com>
+Date: Fri, 28 Apr 2017 17:59:30 +0200
+Subject: [PATCH] nl80211: Fix race condition in detecting MAC change
+
+Commit 3e0272ca00ce1df35b45e7d739dd7e935f13fd84 ('nl80211: Re-read MAC
+address on RTM_NEWLINK') added the detection of external changes to MAC
+address when the interface is brought up.
+
+If the interface state is changed quickly enough, wpa_supplicant may
+receive the netlink message for the !IFF_UP event when the interface
+has already been brought up and would ignore the next netlink IFF_UP
+message, missing the MAC change.
+
+Fix this by also reloading the MAC address when a !IFF_UP event is
+received with the interface up, because this implies that the
+interface went down and up again, possibly changing the address.
+
+Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
+---
+ src/drivers/driver_nl80211.c | 47 +++++++++++++++++++++++++-------------------
+ 1 file changed, 27 insertions(+), 20 deletions(-)
+
+diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
+index af1cb84..24fad29 100644
+--- a/src/drivers/driver_nl80211.c
++++ b/src/drivers/driver_nl80211.c
+@@ -933,6 +933,30 @@ nl80211_find_drv(struct nl80211_global *global, int idx, u8 *buf, size_t len)
+ }
+ 
+ 
++static void nl80211_refresh_mac(struct wpa_driver_nl80211_data *drv,
++				int ifindex)
++{
++	struct i802_bss *bss;
++	u8 addr[ETH_ALEN];
++
++	bss = get_bss_ifindex(drv, ifindex);
++	if (bss &&
++	    linux_get_ifhwaddr(drv->global->ioctl_sock,
++			       bss->ifname, addr) < 0) {
++		wpa_printf(MSG_DEBUG,
++			   "nl80211: %s: failed to re-read MAC address",
++			   bss->ifname);
++	} else if (bss && os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
++		wpa_printf(MSG_DEBUG,
++			   "nl80211: Own MAC address on ifindex %d (%s) changed from "
++			   MACSTR " to " MACSTR,
++			   ifindex, bss->ifname,
++			   MAC2STR(bss->addr), MAC2STR(addr));
++		os_memcpy(bss->addr, addr, ETH_ALEN);
++	}
++}
++
++
+ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
+ 						 struct ifinfomsg *ifi,
+ 						 u8 *buf, size_t len)
+@@ -997,6 +1021,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
+ 		namebuf[0] = '\0';
+ 		if (if_indextoname(ifi->ifi_index, namebuf) &&
+ 		    linux_iface_up(drv->global->ioctl_sock, namebuf) > 0) {
++			/* Re-read MAC address as it may have changed */
++			nl80211_refresh_mac(drv, ifi->ifi_index);
+ 			wpa_printf(MSG_DEBUG, "nl80211: Ignore interface down "
+ 				   "event since interface %s is up", namebuf);
+ 			drv->ignore_if_down_event = 0;
+@@ -1044,27 +1070,8 @@ static void wpa_driver_nl80211_event_rtm_newlink(void *ctx,
+ 				   "event since interface %s is marked "
+ 				   "removed", drv->first_bss->ifname);
+ 		} else {
+-			struct i802_bss *bss;
+-			u8 addr[ETH_ALEN];
+-
+ 			/* Re-read MAC address as it may have changed */
+-			bss = get_bss_ifindex(drv, ifi->ifi_index);
+-			if (bss &&
+-			    linux_get_ifhwaddr(drv->global->ioctl_sock,
+-					       bss->ifname, addr) < 0) {
+-				wpa_printf(MSG_DEBUG,
+-					   "nl80211: %s: failed to re-read MAC address",
+-					   bss->ifname);
+-			} else if (bss &&
+-				   os_memcmp(addr, bss->addr, ETH_ALEN) != 0) {
+-				wpa_printf(MSG_DEBUG,
+-					   "nl80211: Own MAC address on ifindex %d (%s) changed from "
+-					   MACSTR " to " MACSTR,
+-					   ifi->ifi_index, bss->ifname,
+-					   MAC2STR(bss->addr),
+-					   MAC2STR(addr));
+-				os_memcpy(bss->addr, addr, ETH_ALEN);
+-			}
++			nl80211_refresh_mac(drv, ifi->ifi_index);
+ 
+ 			wpa_printf(MSG_DEBUG, "nl80211: Interface up");
+ 			drv->if_disabled = 0;
+-- 
+2.9.3
+
diff --git a/source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch b/source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch
new file mode 100644
index 000000000..d99be04c3
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/rh1497640-pae-validate-input-before-pointer.patch
@@ -0,0 +1,78 @@
+From 0ad5893a2f1f521d44712cd395e067ccf0a397c3 Mon Sep 17 00:00:00 2001
+From: Michael Braun <michael-dev@fami-braun.de>
+Date: Fri, 18 Aug 2017 01:14:28 +0200
+Subject: PAE: Validate input before pointer
+
+ieee802_1x_kay_decode_mkpdu() calls ieee802_1x_mka_i_in_peerlist()
+before body_len has been checked on all segments.
+
+ieee802_1x_kay_decode_mkpdu() and ieee802_1x_mka_i_in_peerlist() might
+continue and thus underflow left_len even if it finds left_len to small
+(or before checking).
+
+Additionally, ieee802_1x_mka_dump_peer_body() might perform out of bound
+reads in this case.
+
+Fix this by checking left_len and aborting if too small early.
+
+Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
+---
+ src/pae/ieee802_1x_kay.c | 23 ++++++++++++-----------
+ 1 file changed, 12 insertions(+), 11 deletions(-)
+
+diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
+index c4bfcbc..cad0292 100644
+--- a/src/pae/ieee802_1x_kay.c
++++ b/src/pae/ieee802_1x_kay.c
+@@ -964,21 +964,19 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
+ 		body_len = get_mka_param_body_len(hdr);
+ 		body_type = get_mka_param_body_type(hdr);
+ 
+-		if (body_type != MKA_LIVE_PEER_LIST &&
+-		    body_type != MKA_POTENTIAL_PEER_LIST)
+-			continue;
+-
+-		ieee802_1x_mka_dump_peer_body(
+-			(struct ieee802_1x_mka_peer_body *)pos);
+-
+-		if (left_len < (MKA_HDR_LEN + body_len + DEFAULT_ICV_LEN)) {
++		if (left_len < (MKA_HDR_LEN + MKA_ALIGN_LENGTH(body_len) + DEFAULT_ICV_LEN)) {
+ 			wpa_printf(MSG_ERROR,
+ 				   "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV",
+ 				   left_len, MKA_HDR_LEN,
+-				   body_len, DEFAULT_ICV_LEN);
+-			continue;
++				   MKA_ALIGN_LENGTH(body_len),
++				   DEFAULT_ICV_LEN);
++			return FALSE;
+ 		}
+ 
++		if (body_type != MKA_LIVE_PEER_LIST &&
++		    body_type != MKA_POTENTIAL_PEER_LIST)
++			continue;
++
+ 		if ((body_len % 16) != 0) {
+ 			wpa_printf(MSG_ERROR,
+ 				   "KaY: MKA Peer Packet Body Length (%zu bytes) should be a multiple of 16 octets",
+@@ -986,6 +984,9 @@ ieee802_1x_mka_i_in_peerlist(struct ieee802_1x_mka_participant *participant,
+ 			continue;
+ 		}
+ 
++		ieee802_1x_mka_dump_peer_body(
++			(struct ieee802_1x_mka_peer_body *)pos);
++
+ 		for (i = 0; i < body_len;
+ 		     i += sizeof(struct ieee802_1x_mka_peer_id)) {
+ 			const struct ieee802_1x_mka_peer_id *peer_mi;
+@@ -3018,7 +3019,7 @@ static int ieee802_1x_kay_decode_mkpdu(struct ieee802_1x_kay *kay,
+ 				   "KaY: MKA Peer Packet Body Length (%zu bytes) is less than the Parameter Set Header Length (%zu bytes) + the Parameter Set Body Length (%zu bytes) + %d bytes of ICV",
+ 				   left_len, MKA_HDR_LEN,
+ 				   body_len, DEFAULT_ICV_LEN);
+-			continue;
++			return -1;
+ 		}
+ 
+ 		if (handled[body_type])
+-- 
+cgit v0.12
+
diff --git a/source/n/wpa_supplicant/slack-desc b/source/n/wpa_supplicant/slack-desc
index 4313b3783..b891fbbde 100644
--- a/source/n/wpa_supplicant/slack-desc
+++ b/source/n/wpa_supplicant/slack-desc
@@ -1,15 +1,15 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
               |-----handy-ruler------------------------------------------------------|
 wpa_supplicant: wpa_supplicant (WPA/WPA2/IEEE 802.1X Supplicant)
 wpa_supplicant:
 wpa_supplicant: wpa_supplicant is a WPA Supplicant for Linux with support for WPA and
-wpa_supplicant: WPA2 (IEEE 802.11i / RSN).  Supplicant is the IEEE 802.1X/WPA
-wpa_supplicant: component that is used in the client stations.  It implements key
+wpa_supplicant: WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA
+wpa_supplicant: component that is used in the client stations. It implements key
 wpa_supplicant: negotiation with a WPA Authenticator and it controls the roaming and
 wpa_supplicant: IEEE 802.11 authentication/association of the wlan driver.
 wpa_supplicant:
diff --git a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild
index 8657c4a6d..f753cc720 100755
--- a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild
+++ b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash
 
 # Copyright 2004-2008 Eric Hameleers, Eindhoven, NL
-# Copyright 2008-2015  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008-2018  Patrick J. Volkerding, Sebeka, MN, USA
 #  Permission to use, copy, modify, and distribute this software for
 #  any purpose with or without fee is hereby granted, provided that
 #  the above copyright notice and this permission notice appear in all
@@ -21,9 +21,11 @@
 #  SUCH DAMAGE.
 # -----------------------------------------------------------------------------
 
+cd $(dirname $0) ; CWD=$(pwd)
+
 PKGNAM=wpa_supplicant
 VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-6}
 
 SRCVERSION=$(printf $VERSION | tr _ -)
 
@@ -37,6 +39,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
 if [ "$ARCH" = "i586" ]; then
@@ -59,7 +69,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-$PKGNAM
 
@@ -76,16 +85,29 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \;
 
+zcat $CWD/2017-1/rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch.gz | patch -p1 || exit 1
+zcat $CWD/2017-1/rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch.gz | patch -p1 || exit 1
 
 # Fixup various paths in the dbus service file
-cat $CWD/patches/dbus-service-file-args.diff | patch -p1 --verbose || exit 1
+zcat $CWD/patches/dbus-service-file-args.diff.gz | patch -p1 --verbose || exit 1
 
 # Eliminate some logspam
-cat $CWD/patches/quiet-scan-results-message.diff | patch -p1 --verbose || exit 1
+zcat $CWD/patches/quiet-scan-results-message.diff.gz | patch -p1 --verbose || exit 1
+
+# Apply a few other patches from Fedora
+zcat $CWD/patches/assoc-timeout.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/patches/flush-debug-output.diff.gz | patch -p1 --verbose || exit 1
+zcat $CWD/patches/rh1451834-nl80211-Fix-race-condition-in-detecting-MAC-change.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/patches/rh1497640-pae-validate-input-before-pointer.patch.gz | patch -p1 --verbose || exit 1
 
-# Apply a couple of other patches from Fedora
-cat $CWD/patches/assoc-timeout.diff | patch -p1 --verbose || exit 1
-cat $CWD/patches/flush-debug-output.diff | patch -p1 --verbose || exit 1
+# Support OpenSSL-1.1.x:
+zcat $CWD/patches/Fix-openssl-1-1-private-key-callback.patch.gz | patch -p1 --verbose || exit 1
 
 cd wpa_supplicant
 
diff --git a/source/n/yptools/rc.yp b/source/n/yptools/rc.yp
index eda9634e4..a1a997464 100644
--- a/source/n/yptools/rc.yp
+++ b/source/n/yptools/rc.yp
@@ -3,25 +3,34 @@
 #
 # Start NIS (Network Information Service).  NIS provides network-wide
 # distribution of hostname, username, and other information databases.
-# After configuring NIS, you will need to uncomment the parts of this
-# script that you want to run.
+# After configuring NIS, you will either need to uncomment the parts
+# of this script that you want to run, or tweak /etc/default/yp
 #
 # NOTE: for detailed information about setting up NIS, see the
 # documentation in /usr/doc/yp-tools, /usr/doc/ypbind,
 # /usr/doc/ypserv, and /usr/doc/Linux-HOWTOs/NIS-HOWTO.
 
 # Set non-zero to enable yp client functions
+# Can also be used in /etc/default/yp to override this default:
 YP_CLIENT_ENABLE=1
 
 # Set non-zero to enable yp server functions
+# Can also be used in /etc/default/yp to override this default:
 YP_SERVER_ENABLE=0
 
 # If YP_SERVER_ENABLE is set, a non-zero YP_XFRD_ENABLE setting will
 # enable ypxfrd.
+# Can also be used in /etc/default/yp to override this default:
 YP_XFRD_ENABLE=0
 
 PID_PATH=/var/run
 
+# Source options. Doing this here makes it possible
+# to override YP_*_ENABLE set above
+if [ -r /etc/default/yp ]; then
+  . /etc/default/yp
+fi
+
 yp_start() {
 
   if [ $YP_SERVER_ENABLE -ne 0 ]; then
@@ -29,21 +38,17 @@ yp_start() {
     # If you are the master server for the NIS domain, you must run ypserv to
     # service clients on the domain.
     if [ -x /usr/sbin/ypserv ]; then
-      echo "Starting NIS server:  /usr/sbin/ypserv"
-      /usr/sbin/ypserv
+      echo "Starting NIS server:  /usr/sbin/ypserv $YPSERV_OPTS"
+      /usr/sbin/ypserv $YPSERV_OPTS
     fi
 
     # If you are the master server for the NIS domain, you must also run
     # rpc.yppasswdd, which is the RPC server that lets users change their
-    # passwords.  You might also want users to be able to change their shell
-    # and GECOS information, in which case you should comment out the first
-    # yppasswdd line and uncomment out the second one.
+    # passwords.
 
     if [ -x /usr/sbin/rpc.yppasswdd ]; then
-      echo "Starting NIS master password server:  /usr/sbin/rpc.yppasswdd"
-      /usr/sbin/rpc.yppasswdd
-      # echo "Starting NIS master password server:  /usr/sbin/rpc.yppasswdd -e chsh -e chfn"
-      # /usr/sbin/rpc.yppasswdd -e chsh -e chfn
+      echo "Starting NIS master password server:  /usr/sbin/rpc.yppasswdd $YPPASSWDD_OPTS"
+      /usr/sbin/rpc.yppasswdd $YPPASSWDD_OPTS
     fi
 
     # If you have NIS slave servers, you might also want to start up
@@ -51,20 +56,22 @@ yp_start() {
     # Alternatively, rpc.ypxfrd can be run out of inetd.
     if [ $YP_XFRD_ENABLE -ne 0 ]; then
       if [ -x /usr/sbin/rpc.ypxfrd ]; then
-        echo "Starting NIS transfer server:  /usr/sbin/rpc.ypxfrd"
-        /usr/sbin/rpc.ypxfrd
+        echo "Starting NIS transfer server:  /usr/sbin/rpc.ypxfrd $YPXFRD_OPTS"
+        /usr/sbin/rpc.ypxfrd $YPXFRD_OPTS
       fi
     fi
   fi
 
   if [ $YP_CLIENT_ENABLE -ne 0 ]; then
     # NIS CLIENT CONFIGURATION:
-    # If you are a NIS client, all you need to do is run ypbind, which will
-    # broadcast across the network to find a server.  Your NIS server might
-    # also be a client.
+    # If you are a NIS client, all you need to do is run ypbind.
+    # Your NIS server might also be a client.
     if [ -d /var/yp ]; then
-      echo "Starting NIS services:  /usr/sbin/ypbind -broadcast"
-      /usr/sbin/ypbind -broadcast
+      if [ -z "$YPBIND_OPTS" ]; then
+        YPBIND_OPTS="-broadcast"
+      fi
+      echo "Starting NIS services:  /usr/sbin/ypbind $YPBIND_OPTS"
+      /usr/sbin/ypbind $YPBIND_OPTS
     fi
   fi
 }
@@ -96,9 +103,9 @@ yp_stop() {
 # domainname is the name of a domain served by your NIS server.
 #
 # If /etc/defaultdomain has not been configured we'll bail out.
-if [ -r /etc/defaultdomain -a -x /bin/nisdomainname ]; then
-  if [ "$(nisdomainname)" == "(none)" ]; then
-    nisdomainname `cat /etc/defaultdomain`
+if [ -r /etc/defaultdomain ] && [ -x /bin/nisdomainname ]; then
+  if ! /bin/nisdomainname 1>/dev/null 2>/dev/null ; then
+    nisdomainname $(cat /etc/defaultdomain)
   fi
 else
   echo "/etc/rc.d/rc.yp:  NIS not configured.  Hint: set up /etc/defaultdomain."
diff --git a/source/n/yptools/slack-desc b/source/n/yptools/slack-desc
index bedfb39e6..32af20653 100644
--- a/source/n/yptools/slack-desc
+++ b/source/n/yptools/slack-desc
@@ -1,14 +1,14 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
        |-----handy-ruler------------------------------------------------------|
 yptools: yptools (NIS servers and clients)
 yptools:
-yptools: NIS stands for Network Information Service.  NIS is usually used to
+yptools: NIS stands for Network Information Service. NIS is usually used to
 yptools: provide /etc/passwd and /etc/group information throughout the network.
 yptools: Most Sun-based networks run NIS, and Linux machines can take full
 yptools: advantage of existing NIS service or provide NIS service themselves.
diff --git a/source/n/yptools/yp.default b/source/n/yptools/yp.default
new file mode 100644
index 000000000..539d77532
--- /dev/null
+++ b/source/n/yptools/yp.default
@@ -0,0 +1,37 @@
+# This file can be used to tweak the way YP (NIS) services
+# are started.
+#
+# Optional arguments to pass ypserv upon startup:
+#YPSERV_OPTS=""
+#
+# Example:
+#   If you run NIS in a firewalled environment you might want
+#   to bind ypserv to a specific port:
+#   YPSERV_OPTS="-p 12345"
+# See ypserv(8) for more details.
+#
+#
+# Optional arguments to pass rpc.yppasswdd upon startup:
+#YPPASSWDD_OPTS=""
+#
+# Example:
+#   You might want users to be able to change their shell
+#   and GECOS information, in which case you should add
+#   these options:
+#   YPPASSWDD_OPTS="-e chsh -e chfn"
+# See rpc.yppasswdd(8) for more details.
+#
+#
+# Optional arguments to pass rpc.ypxfrd upon startup:
+#YPXFRD_OPTS=""
+#
+# Example:
+#   If you run NIS in a firewalled environment you might want
+#   to bind rpc.ypxfrd to a specific port:
+#   YPXFRD_OPTS="-p 54321"
+#
+#
+# Optional arguments to pass ypbind upon startup. The default
+# is to use -broadcast if YPBIND_OPTS is not set. This ignores
+# /etc/yp.conf and broadcasts across the network to find a server.
+#YPBIND_OPTS="-broadcast"
diff --git a/source/n/yptools/yptools.SlackBuild b/source/n/yptools/yptools.SlackBuild
index 3b876935a..1205874db 100755
--- a/source/n/yptools/yptools.SlackBuild
+++ b/source/n/yptools/yptools.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016, 2017, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,10 +20,12 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 # Package version number:
+PKGNAM=yptools
 VERSION=2.14
-BUILD=${BUILD:-7}
+BUILD=${BUILD:-10}
 
 YPTOOLS=$VERSION
 YPBINDMT=1.38
@@ -40,6 +42,14 @@ if [ -z "$ARCH" ]; then
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 if [ "$ARCH" = "i586" ]; then
   SLKCFLAGS="-O2 -march=i586 -mtune=i686"
   LIBDIRSUFFIX=""
@@ -54,7 +64,6 @@ else
   LIBDIRSUFFIX=""
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-yptools
 rm -rf $PKG
@@ -84,6 +93,9 @@ make clean
   --disable-domainname \
   $ARCH-slackware-linux
 make CFLAGS="$SLKCFLAGS" || exit 1
+
+mkdir -p $PKG/etc/default
+cat $CWD/yp.default > $PKG/etc/default/yp.new
 mkdir -p $PKG/var/yp
 cat etc/nicknames > $PKG/var/yp/nicknames.new
 mkdir -p $PKG/usr/share/locale/de/LC_MESSAGES
@@ -279,6 +291,7 @@ fi
 config etc/nsswitch.conf-nis.new
 config etc/netgroup.new
 config etc/yp.conf.new
+config etc/default/yp.new
 config etc/rc.d/rc.yp.new
 config var/yp/nicknames.new
 config var/yp/Makefile.new
diff --git a/source/n/ytalk/slack-desc b/source/n/ytalk/slack-desc
index d666b2782..14eae29fe 100644
--- a/source/n/ytalk/slack-desc
+++ b/source/n/ytalk/slack-desc
@@ -1,14 +1,14 @@
 # HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
+# The "handy ruler" below makes it easier to edit a package description. Line
 # up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
 # customary to leave one space after the ':'.
 
      |-----handy-ruler------------------------------------------------------|
 ytalk: ytalk (multi-user chat program)
 ytalk:
-ytalk: YTalk is a multi-user chat program.  It works almost exactly like the
+ytalk: YTalk is a multi-user chat program. It works almost exactly like the
 ytalk: UNIX talk program and even communicates with the same talk daemon, but
 ytalk: YTalk allows for multiple connections.
 ytalk:
diff --git a/source/n/ytalk/ytalk.SlackBuild b/source/n/ytalk/ytalk.SlackBuild
index c50917e36..d94e606be 100755
--- a/source/n/ytalk/ytalk.SlackBuild
+++ b/source/n/ytalk/ytalk.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2008, 2009, 2010  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2008, 2009, 2010, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,23 +20,34 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
+
+PKGNAM=ytalk
 VERSION=${VERSION:-3.3.0}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-4}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
-    i?86) export ARCH=i486 ;;
+    i?86) export ARCH=i586 ;;
     arm*) export ARCH=arm ;;
     # Unless $ARCH is already set, use uname -m for all other archs:
        *) export ARCH=$( uname -m ) ;;
   esac
 fi
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
+
 NUMJOBS=${NUMJOBS:-" -j7 "}
 
-if [ "$ARCH" = "i486" ]; then
-  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+  SLKCFLAGS="-O2 -march=i586 -mtune=i686"
 elif [ "$ARCH" = "s390" ]; then
   SLKCFLAGS="-O2"
 elif [ "$ARCH" = "x86_64" ]; then
@@ -45,7 +56,6 @@ else
   SLKCFLAGS="-O2"
 fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-ytalk
 rm -rf $PKG
@@ -67,7 +77,7 @@ CFLAGS="$SLKCFLAGS" \
   --prefix=/usr \
   --sysconfdir=/etc \
   --with-x=no \
-  $ARCH-slackware-linux
+  $ARCH-slackware-linux || exit 1
 
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/source/n/zd1211-firmware/slack-desc b/source/n/zd1211-firmware/slack-desc
new file mode 100644
index 000000000..fef145113
--- /dev/null
+++ b/source/n/zd1211-firmware/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+               |-----handy-ruler------------------------------------------------------|
+zd1211-firmware: zd1211-firmware (Firmware for zd1211 USB wireless)
+zd1211-firmware:
+zd1211-firmware: This distribution contains the firmware files for the ZD1211 chip,
+zd1211-firmware: which is used in WLAN USB sticks. The files are generated from C
+zd1211-firmware: header files distributed in the original ZyDAS ZD1211 driver. The
+zd1211-firmware: GPL-licensed header files used to produce the firmware blobs are also
+zd1211-firmware: present in this distribution.
+zd1211-firmware:
+zd1211-firmware: The full source of the original ZYDAS driver is available from
+zd1211-firmware:  http://zd1211.wiki.sourceforge.net/VendorDriver
+zd1211-firmware:
diff --git a/source/n/zd1211-firmware/zd1211-firmware.SlackBuild b/source/n/zd1211-firmware/zd1211-firmware.SlackBuild
index 430565dc0..9928d3cfa 100755
--- a/source/n/zd1211-firmware/zd1211-firmware.SlackBuild
+++ b/source/n/zd1211-firmware/zd1211-firmware.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
 
-# Copyright 2006, 2008, 2009  Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2008, 2009, 2018  Patrick J. Volkerding, Sebeka, MN, USA
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -20,22 +20,30 @@
 #  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 #  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=zd1211-firmware
-VERSION=${VERSION:-1.4}
+VERSION=${VERSION:-1.5}
 ARCH=${ARCH:-fw}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
 
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+  echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+  exit 0
+fi
 
-CWD=$(pwd)
 TMP=${TMP:-/tmp}
 PKG=$TMP/package-${PKGNAM}
+
 rm -rf $PKG
 mkdir -p $TMP $PKG
 
 cd $TMP
 rm -rf ${PKGNAM}
-tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1
+tar xvf $CWD/${PKGNAM}-$VERSION.tar.xz || exit 1
 cd ${PKGNAM} || exit 1
 
 # Make sure ownerships and permissions are sane:
@@ -48,32 +56,11 @@ cp -a * $PKG/lib/firmware/zd1211
 
 # Add a documentation directory:
 mkdir -p $PKG/usr/doc/${PKGNAM}-${VERSION}
-cp -a README COPYING $PKG/usr/doc/${PKGNAM}-${VERSION}
+ln -s ../../../lib/firmware/zd1211/COPYING $PKG/usr/doc/${PKGNAM}-${VERSION}
+ln -s ../../../lib/firmware/zd1211/README $PKG/usr/doc/${PKGNAM}-${VERSION}
 
 mkdir -p $PKG/install
-cat << EOF > $PKG/install/slack-desc
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.  Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in.  You must
-# make exactly 11 lines for the formatting to be correct.  It's also
-# customary to leave one space after the ':'.
-
-               |-----handy-ruler------------------------------------------------------|
-zd1211-firmware: zd1211-firmware (Firmware for zd1211 USB wireless)
-zd1211-firmware:
-zd1211-firmware: This distribution contains the firmware files for the ZD1211 chip,
-zd1211-firmware: which is used in WLAN USB sticks.  The files are generated from C
-zd1211-firmware: header files distributed in the original ZyDAS ZD1211 driver.  The
-zd1211-firmware: GPL-licensed header files used to produce the firmware blobs are also
-zd1211-firmware: present in this distribution.
-zd1211-firmware:
-zd1211-firmware: The full source of the original ZYDAS driver is available from
-zd1211-firmware:   http://zd1211.wiki.sourceforge.net/VendorDriver
-zd1211-firmware:
-
-EOF
+cat $CWD/slack-desc > $PKG/install/slack-desc
 
 cd $PKG
 /sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz
-