Index: trunk/server/common/patches/httpd-2.2.x-sni.patch
===================================================================
--- trunk/server/common/patches/httpd-2.2.x-sni.patch	(revision 1234)
+++ trunk/server/common/patches/httpd-2.2.x-sni.patch	(revision 1259)
@@ -971,6 +971,6 @@
 Index: httpd-2.2.11/docs/manual/mod/mod_ssl.html.en
 ===================================================================
---- httpd-2.2.11/docs/manual/mod/mod_ssl.html.en	(revision 768863)
-+++ httpd-2.2.11/docs/manual/mod/mod_ssl.html.en	(working copy)
+--- httpd-2.2.11/docs/manual/mod/mod_ssl.html.en	2008-08-20 19:02:48.000000000 -0400
++++ httpd-2.2.11/docs/manual/mod/mod_ssl.html.en	2009-06-03 05:33:23.000000000 -0400
 @@ -75,6 +75,7 @@ to provide the cryptography engine.</p>
  <li><img alt="" src="../images/down.gif" /> <a href="#sslrequiressl">SSLRequireSSL</a></li>
@@ -1026,3 +1026,5 @@
 +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
  <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
- </body></html>
+-</body></html>
+\ No newline at end of file
++</body></html>
Index: trunk/server/common/patches/httpd-suexec-scripts.patch
===================================================================
--- trunk/server/common/patches/httpd-suexec-scripts.patch	(revision 1234)
+++ trunk/server/common/patches/httpd-suexec-scripts.patch	(revision 1259)
@@ -45,6 +45,6 @@
  APACHE_HELP_STRING(--with-suexec-docroot,SuExec root directory),[
    AC_DEFINE_UNQUOTED(AP_DOC_ROOT, "$withval", [SuExec root directory] ) ] )
---- httpd-2.2.2/support/suexec.c.old	2006-04-21 21:53:06.000000000 -0400
-+++ httpd-2.2.2/support/suexec.c	2007-05-22 10:32:04.000000000 -0400
+--- httpd-2.2.11/support/suexec.c.old	2008-11-30 10:47:31.000000000 -0500
++++ httpd-2.2.11/support/suexec.c	2009-06-08 09:02:17.000000000 -0400
 @@ -30,6 +30,9 @@
   *
@@ -57,5 +57,5 @@
  #include "ap_config.h"
  #include "suexec.h"
-@@ -46,6 +48,7 @@
+@@ -46,6 +49,7 @@
  #include <stdio.h>
  #include <stdarg.h>
@@ -65,5 +65,5 @@
  #ifdef HAVE_PWD_H
  #include <pwd.h>
-@@ -95,6 +98,7 @@
+@@ -95,6 +99,7 @@
  {
      /* variable name starts with */
@@ -146,8 +146,8 @@
      clean_env();
 +    setenv("JAVA_TOOL_OPTIONS", "-Xmx128M", 1); /* scripts.mit.edu local hack */
-
+ 
      prog = argv[0];
      /*
-@@ -350,6 +406,20 @@
+@@ -350,6 +414,20 @@
  #endif /*_OSD_POSIX*/
  
@@ -170,5 +170,5 @@
       * or attempts to back up out of the current directory,
       * to protect against attacks.  If any are
-@@ -371,6 +441,7 @@
+@@ -371,6 +449,7 @@
          userdir = 1;
      }
@@ -178,5 +178,5 @@
       * Error out if the target username is invalid.
       */
-@@ -450,7 +521,7 @@
+@@ -452,7 +531,7 @@
       * Error out if attempt is made to execute as root or as
       * a UID less than AP_UID_MIN.  Tsk tsk.
@@ -187,5 +187,5 @@
          exit(107);
      }
-@@ -482,6 +553,21 @@
+@@ -484,6 +563,21 @@
          log_err("failed to setuid (%ld: %s)\n", uid, cmd);
          exit(110);
@@ -209,5 +209,5 @@
      /*
       * Get the current working directory, as well as the proper
-@@ -504,6 +588,21 @@
+@@ -506,6 +600,21 @@
              log_err("cannot get docroot information (%s)\n", target_homedir);
              exit(112);
@@ -231,5 +231,5 @@
      else {
          if (((chdir(AP_DOC_ROOT)) != 0) ||
-@@ -530,15 +629,17 @@
+@@ -532,15 +641,17 @@
      /*
       * Error out if cwd is writable by others.
@@ -250,5 +250,5 @@
          exit(117);
      }
-@@ -546,10 +647,12 @@
+@@ -548,10 +659,12 @@
      /*
       * Error out if the program is writable by others.
@@ -263,5 +263,5 @@
      /*
       * Error out if the file is setuid or setgid.
-@@ -563,6 +666,7 @@
+@@ -565,6 +678,7 @@
       * Error out if the target name/group is different from
       * the name/group of the cwd or the program.
@@ -271,5 +271,5 @@
          (gid != dir_info.st_gid) ||
          (uid != prg_info.st_uid) ||
-@@ -574,12 +678,14 @@
+@@ -576,16 +690,33 @@
                  prg_info.st_uid, prg_info.st_gid);
          exit(120);
@@ -287,13 +287,10 @@
          exit(121);
      }
-@@ -606,6 +711,21 @@
-       exit(122);
-     }
  
 +    if (is_static_extension(cmd)) {
 +        argv[2] = STATIC_CAT_PATH;
 +        execv(STATIC_CAT_PATH, &argv[2]);
-+	log_err("(%d)%s: static_cat exec failed (%s)\n", errno, strerror(errno), argv[2]);
-+	exit(255);
++        log_err("(%d)%s: static_cat exec failed (%s)\n", errno, strerror(errno), argv[2]);
++        exit(255);
 +    }
 +    if (is_php_extension(cmd)) {
@@ -302,9 +299,9 @@
 +        argv[2] = "-f";
 +        execv(PHP_PATH, &argv[1]);
-+	log_err("(%d)%s: php exec failed (%s)\n", errno, strerror(errno), argv[2]);
-+	exit(255);
-+    }
-+
-     /*
-      * Execute the command, replacing our image with its own.
-      */
++        log_err("(%d)%s: php exec failed (%s)\n", errno, strerror(errno), argv[2]);
++        exit(255);
++    }
++
+ #ifdef AP_SUEXEC_UMASK
+     /*
+      * umask() uses inverse logic; bits are CLEAR for allowed access.
Index: trunk/server/common/patches/openafs-delta-dprintf-rename-20090427.patch
===================================================================
--- trunk/server/common/patches/openafs-delta-dprintf-rename-20090427.patch	(revision 1259)
+++ trunk/server/common/patches/openafs-delta-dprintf-rename-20090427.patch	(revision 1259)
@@ -0,0 +1,90 @@
+===================================================================
+RCS file: /cvs/openafs/src/bucoord/bc.p.h,v
+retrieving revision 1.8
+retrieving revision 1.9
+diff -u -r1.8 -r1.9
+--- openafs/src/bucoord/bc.p.h	2009/03/16 13:32:04	1.8
++++ openafs/src/bucoord/bc.p.h	2009/04/27 19:17:14	1.9
+@@ -144,4 +144,4 @@
+ #define	BC_MAXSIMDUMPS	    64
+ #define BC_MAXPORTS	    128	/* max number of port offsets for volrestore */
+ /* debugging support */
+-#define	dprintf(x)
++#define	afs_dprintf(x)
+===================================================================
+RCS file: /cvs/openafs/src/bucoord/ubik_db_if.c,v
+retrieving revision 1.17
+retrieving revision 1.18
+diff -u -r1.17 -r1.18
+--- openafs/src/bucoord/ubik_db_if.c	2009/03/27 13:45:49	1.17
++++ openafs/src/bucoord/ubik_db_if.c	2009/04/27 19:17:14	1.18
+@@ -574,7 +574,7 @@
+ 
+     fileSize = (afs_int32) filesize(ctPtr->textStream);
+ 
+-    dprintf(("filesize is %d\n", fileSize));
++    afs_dprintf(("filesize is %d\n", fileSize));
+ 
+     rewind(ctPtr->textStream);
+ 
+@@ -1350,7 +1350,7 @@
+ 	ERROR(errno);
+ #endif
+ 
+-    dprintf(("file is %s\n", tmpFileName));
++    afs_dprintf(("file is %s\n", tmpFileName));
+ 
+   normal_exit:
+     return code;
+===================================================================
+RCS file: /cvs/openafs/src/config/debug.h,v
+retrieving revision 1.4
+retrieving revision 1.5
+diff -u -r1.4 -r1.5
+--- openafs/src/config/debug.h	2003/07/15 23:14:55	1.4
++++ openafs/src/config/debug.h	2009/04/27 19:17:12	1.5
+@@ -112,21 +112,21 @@
+ 
+ #if defined(AFS_DEBUG)
+ #if defined(lint)
+-#define dprintf(flag, str) printf str
++#define afs_dprintf(flag, str) printf str
+ #define dlprintf(flag, level, str) printf str
+ #define dmprintf(flag, bit, str) printf str
+ #else /* lint */
+-#define dprintf(flag, str) \
++#define afs_dprintf(flag, str) \
+       (void)((flag) ? \
+ 	     ( osi_dp str, osi_dp("\t%s, %d\n", __FILE__, __LINE__)):0)
+-#define dlprintf(flag, level, str) dprintf(((flag) >= (level)), str)
+-#define dmprintf(flag, bit, str) dprintf(((flag)&(1<<((bit)-1))), str)
++#define dlprintf(flag, level, str) afs_dprintf(((flag) >= (level)), str)
++#define dmprintf(flag, bit, str) afs_dprintf(((flag)&(1<<((bit)-1))), str)
+ 
+ #endif /* lint */
+ 
+ #else /* AFS_DEBUG */
+ 
+-#define dprintf(flag, str)
++#define afs_dprintf(flag, str)
+ #define dlprintf(flag, level,str)
+ #define dmprintf(flag, bit, str)
+ 
+===================================================================
+RCS file: /cvs/openafs/src/sgistuff/rcmd.c,v
+retrieving revision 1.1
+retrieving revision 1.2
+diff -u -r1.1 -r1.2
+--- openafs/src/sgistuff/rcmd.c	2005/08/16 17:58:27	1.1
++++ openafs/src/sgistuff/rcmd.c	2009/04/27 19:17:15	1.2
+@@ -55,8 +55,8 @@
+ #endif /* defined(AFS_HPUX_ENV) */
+ #ifdef	TCP_DEBUG
+ #include <sys/syslog.h>
+-#	define	DPRINTF(args)	dprintf args
+-dprintf(args)
++#	define	DPRINTF(args)	afs_dprintf args
++afs_dprintf(args)
+      char *args;
+ {
+     char **argv;
Index: trunk/server/common/patches/openafs-delta-linux26-defer-cred-changing-20090511.patch
===================================================================
--- trunk/server/common/patches/openafs-delta-linux26-defer-cred-changing-20090511.patch	(revision 1259)
+++ trunk/server/common/patches/openafs-delta-linux26-defer-cred-changing-20090511.patch	(revision 1259)
@@ -0,0 +1,15 @@
+--- openafs-1.4.10/src/afs/LINUX/osi_cred.c.orig	2009-06-12 02:03:13.000000000 -0400
++++ openafs-1.4.10/src/afs/LINUX/osi_cred.c	2009-06-12 02:03:16.000000000 -0400
+@@ -104,6 +104,12 @@
+ #if defined(STRUCT_TASK_HAS_CRED)
+     struct cred *new_creds;
+ 
++    /* If our current task doesn't have identical real and effective
++     * credentials, commit_cred won't let us change them, so we just
++     * bail here.
++     */
++    if (current->cred != current->real_cred)
++        return;
+     new_creds = prepare_creds();
+     new_creds->fsuid = cr->cr_uid;
+     new_creds->uid = cr->cr_ruid;
Index: trunk/server/common/patches/openafs-numsysnames.patch
===================================================================
--- trunk/server/common/patches/openafs-numsysnames.patch	(revision 1259)
+++ trunk/server/common/patches/openafs-numsysnames.patch	(revision 1259)
@@ -0,0 +1,11 @@
+--- openafs-1.4.10/src/afs/afs.h.orig	2009-06-06 21:02:53.000000000 -0400
++++ openafs-1.4.10/src/afs/afs.h	2009-06-06 21:03:28.000000000 -0400
+@@ -75,7 +75,7 @@
+ #define	PIGGYSIZE	1350	/* max piggyback size */
+ #define	MAXVOLS		128	/* max vols we can store */
+ #define	MAXSYSNAME	128	/* max sysname (i.e. @sys) size */
+-#define MAXNUMSYSNAMES	16	/* max that current constants allow */
++#define MAXNUMSYSNAMES	32	/* max that current constants allow */
+ #define	NOTOKTIMEOUT	(2*3600)	/* time after which to timeout conns sans tokens */
+ #define	NOPAG		0xffffffff
+ #define AFS_NCBRS	300	/* max # of call back return entries */
Index: trunk/server/common/patches/openafs-scripts.patch
===================================================================
--- trunk/server/common/patches/openafs-scripts.patch	(revision 1234)
+++ trunk/server/common/patches/openafs-scripts.patch	(revision 1259)
@@ -127,5 +127,5 @@
      short multiPage;		/* count of multi-page getpages in progress */
  #endif
-+    bool apache_access;		/* whether or not Apache has access to a file */
++    int apache_access;		/* whether or not Apache has access to a file */
  };
  
Index: trunk/server/common/patches/openssh-4.7p1-gssapi-name-in-env.patch
===================================================================
--- trunk/server/common/patches/openssh-4.7p1-gssapi-name-in-env.patch	(revision 1259)
+++ trunk/server/common/patches/openssh-4.7p1-gssapi-name-in-env.patch	(revision 1259)
@@ -0,0 +1,16 @@
+--- openssh-4.7p1/gss-serv.c
++++ openssh-4.7p1/gss-serv.c
+@@ -355,6 +355,13 @@
+ 		child_set_env(envp, envsizep, gssapi_client.store.envvar,
+ 		    gssapi_client.store.envval);
+ 	}
++	if (gssapi_client.exportedname.length != 0 &&
++	    gssapi_client.exportedname.value != NULL) {
++	        debug("Setting %s to %s", "SSH_GSSAPI_NAME",
++		    gssapi_client.exportedname.value);
++		child_set_env(envp, envsizep, "SSH_GSSAPI_NAME",
++		    gssapi_client.exportedname.value);
++	}
+ }
+ 
+ /* Privileged */